Quotes in a textfield and <br>

I have 2 questions, 1 how do I make it so that a TEXT date type can accept a ‘’ or " (like if I’m is entered) 2. How do I make it so there are little line breaks (Such as a <br> in a TEXT data type so all the content isn’t displayed as 1 big blob of ext?

Thanks…

If you are entering a word like It’s using your CMS you shouldn’t have any problems.

In PHP you could escape quotes like:


<?php
$str = "It's";

echo addslashes($str);
?>

Using htmlentities should help for Q1.

If you use addslashes, make sure magic_quotes is turned off and remember to use stripslashes when you extract the data.

man, you guys are fast

dear luke, please stop posting php questions in the mysql forum

thanks, that is all

Thread moved to the PHP forum.

You should be asking your database to escape these strings for you, addslashes has no place here. :slight_smile:

See, [fphp]mysql_real_escape_string[/fphp], [fphp]mysqli_real_escape_string[/fphp] and pdo::quote.

no, those are php functions, not mysql functions

you should be asking php to escape those strings for you

:slight_smile:

Most of OP’s questions are PHP related I gave him a PHP solution

As did I. :wink:

addslashes may work, but using one of the functions I posted will always work.

addslashes is not secure I’m afraid.

The PHP functions I posted ask the database server (hence the requirement for a valid connection) to properly escape the strings if I’m not mistaken.

maybe that’s why so many people post php questions in the mysql forum

i would definitely call them php procedures, even if they do make use of a mysql library function

You’re not wrong there.

From the documentation:

[indent]mysql_real_escape_string() calls MySQL’s library function mysql_real_escape_string, which prepends backslashes to the following characters: \x00,
, \r, \, ', " and \x1a.[/indent]

Sorry Anthony. :slight_smile: I didn’t read any of your links posted I only reacted to the first sentence

Hey, not a problem. :wink: