PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
$updateQuery = "UPDATE ".$settings['tbl_articles']." SET txtTitle = '"
.mysql_real_escape_string($_POST['title'])."', txtArticle = '"
.mysql_real_escape_string($_POST['thearticle'])."', dteEdited = NOW() WHERE ID = "
.$_GET['id'];
I have a title: Testing Amy's Ideas
If I edit this entry and then use the code above I end up with: Testing Amy/'s Ideas
This issue does not appear to affect the article content itself (sent under $_POST['thearticle']) so I am slightly confused. I tried stripslashes() on the above but to no avail (mysql_real_escape_string(stripslashes($_POST['title']))).
It appears when I requery the database using a select statement and display the results.
I can also see it when I use PHPMYADMIN to view the data directly.
I have no idea if I have magic_quotes enabled but have been told this is enabled by default so I can assume so. That was the reason for introducing stripslashes() but this did not resolve the issue.