#1
  1. Full Access
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Jun 2000
    Location
    London, UK
    Posts
    2,019
    Rep Power
    16
    OK, I have a database which is going to be used partly to store articles, which will basically be free-flowing text. So what if someone puts a single comma ' in? Because I am using the PHP:

    $query = "INSERT INTO quasimodo VALUES ($iNum,'$area','$sec1','$sec2','$sec3','$name','$phone','$email','$body')";

    So surely when someone types the words it's or something like that with an apostrophe in the middle, it'll screw everything up? The stuff will be entered through a form. Please, how can I get around this problem? A similar problem would arise if i used "$body" instead of '$body' because someone might put a word in "inverted commas". HELP!
  2. #2
  3. No Profile Picture
    Apprentice Deity
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Jul 1999
    Location
    Niagara Falls (On the wrong side of the gorge)
    Posts
    3,237
    Rep Power
    18
    Alex,

    Check out magic_quotes and addslashes in the PHP manual. ;-)
  4. #3
  5. Full Access
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Jun 2000
    Location
    London, UK
    Posts
    2,019
    Rep Power
    16
    OK, I read the thing about magic_quotes, now how do I use them?!
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2000
    Posts
    63
    Rep Power
    15
    just turn them on in the dex.ini file
  8. #5
  9. Full Access
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Jun 2000
    Location
    London, UK
    Posts
    2,019
    Rep Power
    16
    what's the dex.ini file and where does it live? this is a unix server we're running on
  10. #6
  11. No Profile Picture
    Apprentice Deity
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Jul 1999
    Location
    Niagara Falls (On the wrong side of the gorge)
    Posts
    3,237
    Rep Power
    18
    It's in the php.ini file.

    I have no idea what a dex.ini file is.
  12. #7
  13. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2000
    Posts
    63
    Rep Power
    15
    Yeah, I work in a legacy client server program called Dexterity where there is a dex.ini file. I meant php.ini. Sorry about that. My fingers are faster than my brain...
    UJL
  14. #8
  15. Full Access
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Jun 2000
    Location
    London, UK
    Posts
    2,019
    Rep Power
    16
    Will it be enabled by default on a web server? coz i don't have access to php.ini!
  16. #9
  17. No Profile Picture
    Apprentice Deity
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Jul 1999
    Location
    Niagara Falls (On the wrong side of the gorge)
    Posts
    3,237
    Rep Power
    18
    No, but you can use set_magic_quotes_runtime to bypass it.

    [This message has been edited by rod k (edited June 08, 2000).]

Similar Threads

  1. Highlight search result from mysql database search
    By Gurt in forum PHP Development
    Replies: 3
    Last Post: February 17th, 2004, 03:39 AM
  2. Need advice designing a usage tracking database (MySQL)
    By Randolpho in forum Database Management
    Replies: 0
    Last Post: February 13th, 2004, 04:11 PM
  3. Replies: 3
    Last Post: February 11th, 2004, 08:30 AM
  4. Replies: 5
    Last Post: February 3rd, 2004, 01:59 PM
  5. Replies: 0
    Last Post: January 31st, 2004, 02:15 AM

IMN logo majestic logo threadwatch logo seochat tools logo