Page 1 of 1

HELP! update content even with a dash

Posted: Wed Nov 05, 2008 10:56 pm
by buknoii
hi there! i've created a php website and everytime i update it, it doesnt update if the data has '

below is my sample code :

Code: Select all

 
[color=#800000]<?php
$content_num_x = $_POST['frm_content_num'];
$content_heading_x = $_POST['frm_content_heading'];
 
mysql_query("UPDATE listings SET content_heading='$content_heading_x' WHERE content_num ='$content_num_x' ");
 
echo "<br><br>";
echo "<div align=center><h1>content updated</h1></div>";
 
mysql_close($con);
?>[/color]
 
and also why is it that data that i added ' shows with \ for example [b]season\'s should be season's [/b]
 
any help would be useful :)

Re: HELP! update content even with a dash

Posted: Wed Nov 05, 2008 11:19 pm
by pcoder
Use mysql_real_escape_string() function before passing the post content to the query.
8)

Re: HELP! update content even with a dash

Posted: Wed Nov 05, 2008 11:30 pm
by infolock
buknoii wrote:hi there! i've created a php website and everytime i update it, it doesnt update if the data has '

below is my sample code :

Code: Select all

 
[color=#800000]<?php
$content_num_x = $_POST['frm_content_num'];
$content_heading_x = $_POST['frm_content_heading'];
 
mysql_query("UPDATE listings SET content_heading='$content_heading_x' WHERE content_num ='$content_num_x' ");
 
echo "<br><br>";
echo "<div align=center><h1>content updated</h1></div>";
 
mysql_close($con);
?>[/color]
 
and also why is it that data that i added ' shows with \ for example [b]season\'s should be season's [/b]
 
any help would be useful :)

If it's adding a backspace(\) to apostrophe's automatically without you doing it, it's because you have magic_quotes turned on in your php.ini file.