MySQL Development
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
 
User Name:
Password:
Remember me
 
Go Back   Dev Articles Community ForumsDatabasesMySQL Development
Reload this Page

No ' allowed in MySQL

Discuss No ' allowed in MySQL in the MySQL Development forum on Dev Articles.
No ' allowed in MySQL MySQL Development forum to discuss administration, SQL syntax, and other MySQL-related topics. Find help with installing, configuring, and maintaining your MySQL databases.

Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
« Previous Thread | Next Thread »  
Thread Tools Search this Thread Display Modes
 
Unread Dev Articles Community Forums Sponsor:
  #1  
Old August 6th, 2006, 10:11 PM
midmented midmented is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
  
Join Date: Aug 2006
Posts: 2 midmented User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 25 m 44 sec
Reputation Power: 0
No ' allowed in MySQL
I am new at MySQL, PHP, and Apache. I have written a comments section on my page and use an INSERT statement to send the comment to a table. Everything works perfectly EXCEPT it will not accept a single quote ('). All other characters are accepted.
The comment field is TEXT.
Reply With Quote
  #2  
Old August 7th, 2006, 12:47 AM
Itsacon's Avatar
Itsacon Itsacon is offline
Command Line Warrior
Click here for more information
 
Join Date: Aug 2004
Location: Sector ZZ9 Plural Z Alpha
Posts: 995 Itsacon User rank is Lance Corporal (50 - 100 Reputation Level)Itsacon User rank is Lance Corporal (50 - 100 Reputation Level)Itsacon User rank is Lance Corporal (50 - 100 Reputation Level)  Folding Points: 808001 Folding Title: Super Ultimate Folder - Level 2Folding Points: 808001 Folding Title: Super Ultimate Folder - Level 2Folding Points: 808001 Folding Title: Super Ultimate Folder - Level 2Folding Points: 808001 Folding Title: Super Ultimate Folder - Level 2Folding Points: 808001 Folding Title: Super Ultimate Folder - Level 2Folding Points: 808001 Folding Title: Super Ultimate Folder - Level 2Folding Points: 808001 Folding Title: Super Ultimate Folder - Level 2
Time spent in forums: 6 Days 13 h 57 m 35 sec
Reputation Power: 5
Send a message via ICQ to Itsacon
You're probably using single quotes in your mysql query.
Try parsing the comments with addslashes() before you post them to the database, that will escape all `dangerous' characters.
__________________
This is my code. Is it not nifty?

"The biggest problem encountered while trying to design a system that was completely foolproof, was, that people tended to underestimate the ingenuity of complete fools."
---Douglas Adams

Join the Itsacon fanclub!    
Zero Tolerance: Spammers banned so far: 275
Reply With Quote
  #3  
Old August 12th, 2006, 09:07 AM
midmented midmented is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
  
Join Date: Aug 2006
Posts: 2 midmented User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 25 m 44 sec
Reputation Power: 0
RE: No ' allowed in MySQL
Yes, that was what was wrong. I did not have the addslashes() and didn't realize I needed them. Thanks!
Reply With Quote
  #4  
Old August 14th, 2006, 02:58 AM
Itsacon's Avatar
Itsacon Itsacon is offline
Command Line Warrior
Click here for more information
 
Join Date: Aug 2004
Location: Sector ZZ9 Plural Z Alpha
Posts: 995 Itsacon User rank is Lance Corporal (50 - 100 Reputation Level)Itsacon User rank is Lance Corporal (50 - 100 Reputation Level)Itsacon User rank is Lance Corporal (50 - 100 Reputation Level)  Folding Points: 808001 Folding Title: Super Ultimate Folder - Level 2Folding Points: 808001 Folding Title: Super Ultimate Folder - Level 2Folding Points: 808001 Folding Title: Super Ultimate Folder - Level 2Folding Points: 808001 Folding Title: Super Ultimate Folder - Level 2Folding Points: 808001 Folding Title: Super Ultimate Folder - Level 2Folding Points: 808001 Folding Title: Super Ultimate Folder - Level 2Folding Points: 808001 Folding Title: Super Ultimate Folder - Level 2
Time spent in forums: 6 Days 13 h 57 m 35 sec
Reputation Power: 5
Send a message via ICQ to Itsacon
You're welcome
Reply With Quote
  #5  
Old March 27th, 2007, 12:12 AM
Maz2331 Maz2331 is offline
Registered User
Dev Articles Newbie (0 - 499 posts)
  
Join Date: Mar 2007
Posts: 12 Maz2331 User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 57 m 53 sec
Reputation Power: 0
Quote:
Originally Posted by midmented
I am new at MySQL, PHP, and Apache. I have written a comments section on my page and use an INSERT statement to send the comment to a table. Everything works perfectly EXCEPT it will not accept a single quote ('). All other characters are accepted.
The comment field is TEXT.


You need to escape out a single quote character (') and ensure that it becomes a pair of single quotes ('') before trying to put it into a SQL statement.

In PHP, the easy way is just run your string through the mysql_real_escape_string() function before the code that tries to put it into the database.

See... http://us3.php.net/manual/en/function.mysql-real-escape-string.php
Reply With Quote
Reply

Viewing: Dev Articles Community ForumsDatabasesMySQL Development > No ' allowed in MySQL

« Previous Thread | Next Thread »

Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Linear Mode Linear Mode
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump


Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 





© 2003-2008 by Developer Shed. All rights reserved. DS Cluster 4 hosted by Hostway
Stay green...Green IT