PDA

View Full Version : Can't save data if there is a : ' (quote) in the input field



lpastor
18 Aug 2009, 12:26 PM
Hello,

If I write a ' in my input, I can't save data (nothing happens), however I use json_encode and decode.

If someone have an idea ?

Laurent

VinylFox
18 Aug 2009, 4:39 PM
You will need to provide more information for us to help you. A code sample can do wonders.

httpdotcom
18 Aug 2009, 5:14 PM
This merely sounds like a SQL issue to me (as an apostrophe is a special character). You should be able to escape it in whatever manner your database calls for (Oracle would be a double apostrophe, MySQL uses slash apostrophe, etc.)

lpastor
19 Aug 2009, 3:47 AM
Exactly, thank's Httpdotcom,

I modified my php script with that, and it's good now :


$query="update $table set ";
foreach($data as $cle=>$valeur){
$query.="$cle='".addslashes($valeur)."', ";
}
$query=substr($query, 0, -2); // Supprime la dernière virgule
$query.=" where $idkey='$id' ";

VinylFox
19 Aug 2009, 10:58 AM
You should really use the database specific escape functions available, such as 'mysqli_real_escape_string' or 'pg_escape_string', etc.

avsomeren
19 Aug 2009, 12:41 PM
...or replace a single ' with 2x '