SitePoint Sponsor

User Tag List

Results 1 to 5 of 5

Hybrid View

  1. #1
    SitePoint Member
    Join Date
    Dec 2000
    Posts
    2
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hey folks,

    I have been updating a datbase using request.form in my SQL statements. I ran into a problem when the user entered info is something like "Today's special is chicken" cause the SQL statement is run through it thinks that the "'" in Today's is the end of the string which of course its not. How do I deal with this?

    Here is an example

    User Enters:

    Today's Special

    SQL statement becomes:

    'Today's Special'

    how do I work around this?

  2. #2
    SitePoint Evangelist
    Join Date
    Jul 2000
    Location
    Warwickshire, England
    Posts
    557
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I think you need the addslashes and strip slashes functions.

    To add the escape character ("\" in this case), just use
    $text = addslashes ($text);

    and to get the original string back (usually, when you query the database to retrieve the content) use
    $text stripslashes($text)

  3. #3
    Dumb PHP codin' cat
    Join Date
    Aug 2000
    Location
    San Diego, CA
    Posts
    5,460
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Sounds like you are using ASP not PHP so the above probably won't work. You need to replace the ' with its ascii counterpart before inserting into the db.
    Please don't PM me with questions.
    Use the forums, that is what they are here for.

  4. #4
    SitePoint Member
    Join Date
    Dec 2000
    Posts
    2
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Your correct Im using ASP and SQL server. Is there an easy way to make the change? It seems that PHP has a built in function to do that. Is there a quick fix in ASP?

    Thanks...

  5. #5
    Dumb PHP codin' cat
    Join Date
    Aug 2000
    Location
    San Diego, CA
    Posts
    5,460
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I don't really think so I think you may have top use the replace function to replace the quotes with ascii equiliants, but I am sure if wluke is checking this post he can shed some light on this, I know he is the ASP Man
    Please don't PM me with questions.
    Use the forums, that is what they are here for.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •