Ok. I have a web form with text fields.
When the form is submitted, it goes to a php page to insert into a
Postgres DB.
Example:
pg_query($db,"I NSERT INTO table VALUES = ('" .
pg_escape_strin g($_POST['formfield']) . "')";
However, and I could swear this didn't always happen, now it seems that
if the formfield has a ' in it (i.e. "Sugapablo' s music") then when I
would return that field on another page such as:
echo $row['field'];
It would show up: Sugapablo\'s music
Every subsequent time I would submit that form, a slash would be added
before each \ and '. Sometimes producing: Sugapablo\\\\\\ \\\\'s music
Shouldn't the slash be elimnated before it get's into the database? Why
is it remaining. By submitting "INSERT INTO table VALUES ('Sugapablo\'s
music') actually put "Sugapablo' s music" into that field?
I've also had the same problem with addslashes().
--
Sugapablo - russpghREMOVE@s targate.net
http://www.sugapablo.com | ICQ: 902845
When the form is submitted, it goes to a php page to insert into a
Postgres DB.
Example:
pg_query($db,"I NSERT INTO table VALUES = ('" .
pg_escape_strin g($_POST['formfield']) . "')";
However, and I could swear this didn't always happen, now it seems that
if the formfield has a ' in it (i.e. "Sugapablo' s music") then when I
would return that field on another page such as:
echo $row['field'];
It would show up: Sugapablo\'s music
Every subsequent time I would submit that form, a slash would be added
before each \ and '. Sometimes producing: Sugapablo\\\\\\ \\\\'s music
Shouldn't the slash be elimnated before it get's into the database? Why
is it remaining. By submitting "INSERT INTO table VALUES ('Sugapablo\'s
music') actually put "Sugapablo' s music" into that field?
I've also had the same problem with addslashes().
--
Sugapablo - russpghREMOVE@s targate.net
http://www.sugapablo.com | ICQ: 902845
Comment