single quotes

**=?ISO-8859-15?Q?Iv=E1n_S=E1nchez_Ortega?=** · Apr 24 '07, 06:35 PM

Re: single quotes

charlespb69 wrote:

I am new to php so this might be a real simple question. I have a
form that users are able to input information into and the information
goes into a mysql database table.. But single quotes (apostrophes)
are giving me problems. What can I do about this?

RTFM, and use mysql_real_esca pe_string() when appropiate. That
means "always".

--
----------------------------------
Iván Sánchez Ortega -ivansanchez-algarroba-escomposlinux-punto-org-

http://acm.asoc.fi.upm.es/~mr/

Proudly running Debian Linux with 2.6.20-1-amd64 kernel, KDE3.5.3, and PHP
5.2.0-10 generating this signature.
Uptime: 20:31:19 up 1 day, 6:50, 2 users, load average: 0.97, 0.79, 0.76

**Rik** · Apr 24 '07, 06:45 PM

Re: single quotes

Iván Sánchez Ortega wrote:

charlespb69 wrote:
>

>I am new to php so this might be a real simple question. I have a
>form that users are able to input information into and the information
>goes into a mysql database table.. But single quotes (apostrophes)
>are giving me problems. What can I do about this?

>
RTFM, and use mysql_real_esca pe_string() when appropiate. That
means "always".

I thought always, always, always :P

(Not true though, often you can use intval()/floatval(), possibly aided
by foreign key checks.)

--
Rik Wasmus

**Michael Placentra II** · Apr 24 '07, 08:45 PM

Re: single quotes

I use variable casting instead when the input should be a number. I don't use intval() or floatval() unless I need a base change.

Also, if you are using MySQLi instead and prefer OOP-style, then your method would be

$mysqliObj->real_escape_st ring()

**Bruno Barberi Gnecco** · Apr 24 '07, 08:45 PM

Re: single quotes

Rik wrote:

Iván Sánchez Ortega wrote:
>

>charlespb69 wrote:
>>

>>I am new to php so this might be a real simple question. I have a
>>form that users are able to input information into and the information
>>goes into a mysql database table.. But single quotes (apostrophes)
>>are giving me problems. What can I do about this?

>>
>>
>RTFM, and use mysql_real_esca pe_string() when appropiate. That
>means "always".

>
>
I thought always, always, always :P
>
(Not true though, often you can use intval()/floatval(), possibly aided
by foreign key checks.)
>

Also, check that magic_quotes (http://php.net/magic_quotes) is
unset.

--
Bruno Barberi Gnecco <brunobg_at_use rs.sourceforge. net>
Imbalance of power corrupts and monopoly of power corrupts absolutely.
-- Genji

**Good Man** · Apr 24 '07, 08:55 PM

Re: single quotes

Bruno Barberi Gnecco <brunobgDELETET HIS@users.sourc eforge.netwrote in
news:f0lq0v01g9 9@news3.newsguy .com:

>I thought always, always, always :P
>>
>(Not true though, often you can use intval()/floatval(), possibly aided
>by foreign key checks.)
>>

>
Also, check that magic_quotes (http://php.net/magic_quotes) is
unset.

and don't do it on arrays themselves

**charlespb69** · Apr 26 '07, 02:25 AM

Re: single quotes

On Apr 24, 11:31 am, Iván Sánchez Ortega <ivansanchez-...@rroba-
escomposlinux.-.punto.-.orgwrote:

charlespb69 wrote:

I am new to php so this might be a real simple question. I have a
form that users are able to input information into and the information
goes into a mysql database table.. But single quotes (apostrophes)
are giving me problems. What can I do about this?

>
RTFM, and use mysql_real_esca pe_string() when appropiate. That
means "always".
>
--
----------------------------------
Iván Sánchez Ortega -ivansanchez-algarroba-escomposlinux-punto-org-
>

http://acm.asoc.fi.upm.es/~mr/

Proudly running Debian Linux with 2.6.20-1-amd64 kernel, KDE3.5.3, and PHP
5.2.0-10 generating this signature.
Uptime: 20:31:19 up 1 day, 6:50, 2 users, load average: 0.97, 0.79, 0.76

What does RTFM mean - Read the f__cking manual?

**Jerry Stuckle** · Apr 26 '07, 03:25 AM

Re: single quotes

charlespb69 wrote:

On Apr 24, 11:31 am, Iván Sánchez Ortega <ivansanchez-...@rroba-
escomposlinux.-.punto.-.orgwrote:

>charlespb69 wrote:

>>I am new to php so this might be a real simple question. I have a
>>form that users are able to input information into and the information
>>goes into a mysql database table.. But single quotes (apostrophes)
>>are giving me problems. What can I do about this?

>RTFM, and use mysql_real_esca pe_string() when appropiate. That
>means "always".
>>
>--
>----------------------------------
>Iván Sánchez Ortega -ivansanchez-algarroba-escomposlinux-punto-org-
>>
>http://acm.asoc.fi.upm.es/~mr/
>Proudly running Debian Linux with 2.6.20-1-amd64 kernel, KDE3.5.3, and PHP
>5.2.0-10 generating this signature.
>Uptime: 20:31:19 up 1 day, 6:50, 2 users, load average: 0.97, 0.79, 0.76

>
What does RTFM mean - Read the f__cking manual?
>

Yes.

--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attgl obal.net
=============== ===

**Rik** · Apr 26 '07, 04:35 PM

Re: single quotes

Jerry Stuckle wrote:

charlespb69 wrote:

>On Apr 24, 11:31 am, Iván Sánchez Ortega <ivansanchez-...@rroba-
>escomposlinu x.-.punto.-.orgwrote:

>>charlespb69 wrote:
>>>I am new to php so this might be a real simple question. I have a
>>>form that users are able to input information into and the information
>>>goes into a mysql database table.. But single quotes (apostrophes)
>>>are giving me problems. What can I do about this?
>>RTFM, and use mysql_real_esca pe_string() when appropiate. That
>>means "always".
>>>

>>
>What does RTFM mean - Read the f__cking manual?

>
Yes.

Or, "Read The Fine Manual" for the faint of heart, just to stress the
manual is really giving a clear answer :-)

--
Rik Wasmus

Estimated date being able to walk again: 01-05-2007.
Less then a week, hurray!

single quotes

single quotes

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment