Quotation mark colliding

joon1 · September 6, 2018, 10:11am

$query="SELECT say FROM myTable WHERE id=100"; $sql=mysql_query($query); $say=$row['say'];echo $say;

Let’s suppose the result of the code above is the below.

A' B"

I have another code below the code above.

$newSay=str_replace('A","AA", $say); $newSay=str_replace('B","BB", $newSay);

So far so good.

But I like to update the record like the below.

mysql_query('UPDATE myTable  SET say="$newSay" WHERE id=100');

But the SQL above doesn’t work because the quotation mark in where clause of the SQL seems, I think, to collide with the quotation marks which is inside the value.

How can I solve the problem?

I like to change the value below

A' B"

to

AA' BB"

droopsnoot · September 6, 2018, 11:14am

Have a read up on escaping quotation marks (or other significant characters), or used prepared statements?

There’s a problem with the quotes in this bit too:

$newSay=str_replace('A","AA", $say); $newSay=str_replace('B","BB", $newSay);

Incidentally, if these are actually imperial measurements in feet and inches, I’d recommend you store them in inches and just convert them for display.

TomB · September 6, 2018, 1:23pm

joon1 · September 6, 2018, 2:20pm

I am sorry the above is typo.
The correct code is the below.

I am afraid that these are NOT actually imperial measurements in feet and inches.

m_hutley · September 6, 2018, 8:33pm

If you’re not doing this for a programmatical reason (Read: You need the value elsewhere in your PHP code), instead do the replacement using the MySQL engine itself:

UPDATE myTable SET say=REPLACE(REPLACE(say,"A","AA"),"B","BB") WHERE id=100;

EDIT: errant ;. woops.

system · December 7, 2018, 3:33am

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.