newbie problem inputting from form

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
stuart.cole
Forum Newbie
Posts: 2
Joined: Wed Oct 03, 2007 6:08 am

newbie problem inputting from form

Post by stuart.cole »

feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


I know this will be simple for many of you - but I have a problem.

I have written a simple CMS system to use on my own websites which inputs news from an online form, adds to DB etc ... but adding the news is causing me a challenge at times.

My text input fields, where the text is taken from press releases they quite often have apostrope's (') in the text - but these seem to be causing a problem when it tries to add the info to the DB... the apostrophe's are taken as part of the input coding, rather than just part of the text.

I've found a work around where I can change the ' to ` in word and re-paste and that works, but isn't the right way of doing it.

So, is there a way to force it to read an apostrophe as text, rather than code? Any hints or tips appreciated 

Code used below ...

[syntax="html"]
<table width="400"><H1> INSERT NEWS HERE:</H1>


<form action="insert3.php" method="post">
<tr><td>Heading: </td><td><textarea name="heading" cols="40" rows="2"></textarea></td></tr>
<tr><td>Subhead: </td><td><textarea name="subhead" cols="40" rows="2"></textarea></td></tr>
<tr><td>Main: </td><td><textarea name="main" cols="40" rows="20"></textarea></td></tr>
<tr><td>Weblink: </td><td><input size="30" maxlength="250" type="text" name="weblink" value="http://"></td></tr>
<tr><td>Date: </td><td><input size="30" maxlength="250" type="text" name="date" value="2007-"></td></tr>
<tr><td>Added by: </td><td><select name="added" size="3">
<OPTION VALUE="Laura Cleaver">Laura</OPTION>
<OPTION VALUE="Stuart Cole">Stuart</OPTION>
<OPTION VALUE="Louise Allatt">Louise</OPTION></select></td></tr>
<tr><td>Approved to go live? </td><td><select name="approved" size="2">
<OPTION VALUE="Y">Yes</OPTION>
<OPTION VALUE="N">No</OPTION></select></td></tr>
<tr><td><input type="submit" name="submit" value="Add News"></td></tr>
</form></table>
Insert 3 is here...[/syntax]

Code: Select all

<?php
$con = mysql_connect("localhost","USERNAME","PASSWORD");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }mysql_select_db("BD_NAME", $con);
  $sql="INSERT INTO News (Heading, Subhead, Main, Weblink, Date, Added, approved)
VALUES
('$_POST[heading]','$_POST[subhead]','$_POST[main]','$_POST[weblink]', '$_POST[date]','$_POST[added]','$_POST[approved]')";if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "News Story Added!";
mysql_close($con)
?>

feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
User avatar
VladSun
DevNet Master
Posts: 4313
Joined: Wed Jun 27, 2007 9:44 am
Location: Sofia, Bulgaria

Post by VladSun »

mysql_real_escape_string
or
addslashes()/stripslashes()
There are 10 types of people in this world, those who understand binary and those who don't
stuart.cole
Forum Newbie
Posts: 2
Joined: Wed Oct 03, 2007 6:08 am

Post by stuart.cole »

Many thanks
Post Reply