Weird issue with mysql_real_escape_string

trufflepig · January 23, 2012, 4:08pm

I’m having a problem when using mysql_real_escape_string to allow apostrophes to be inputted into fields in a mySQL db.

Basically it cuts off the value of the data after the first instance of an apostrophe. So “Testing testing’s test testtesting” would be truncated to “Testing testing” and so forth.

I’m using this code:


$description = mysql_real_escape_string($_POST['_Description']);

And the query (which otherwise works fine) is:


$query = "UPDATE userdata SET RealName = '$realname', EmailAddress = '$emailaddress', YearOfBirth = '$yearofbirth', Profession = '$profession', Description = '$description' WHERE UserName = '$username'";

Any idea why it’s doing this?

Thanks

trufflepig · January 23, 2012, 5:04pm

Now solved- it was the actual output into the edit form that wasn’t working, it was fine in the db. Used htmlentities to fix.

Cups · January 24, 2012, 7:58am

May I ask, what methodology did you use to pinpoint your error?

trufflepig · January 24, 2012, 9:43am

Hi Cups, well I checked the actual value in the db in phpMyAdmin and saw that mysql_real_escape_string was actually doing it’s job and the data was going in correctly. However when it was being displayed back out using the “Edit details” form, it was cutting off at the first apostrophe- so I used htmlentities thus:


htmlentities($description, ENT_QUOTES);

Where $description was the variable for the Description field containing text with apostrophes.

Hopefully this will help anyone who has a similar issue at any point.

Cups · January 24, 2012, 1:42pm

Ah, right. I imagined you had not quoted the HTML form element or something like that.

I hope your experience leads to you helping someone else to work out what goes wrong between html/php/sql – it happens all the time on here.

tangoforce · January 24, 2012, 3:57pm

Isn’t that what Fou-Lou advised you to do a couple of days ago on the other forum? - That being the case, why did you then come here and ask for more help?

trufflepig · January 24, 2012, 10:32pm

Simply put, I posted on both forums in order to help increase the chance of response- with a deadline looming. Seeing as you’re interested.

tangoforce · January 24, 2012, 10:47pm

My apologies, having just checked over there I see you started them both on the same day/time. I thought I’d seen that topic two days ago - clearly I was wrong!

I’m very sorry.

Topic		Replies	Views
Data read from MySQL, posted into textbox truncates at apostrophe PHP	2	2312	October 25, 2014
Apostrophe causing problems in insert to database PHP	5	2572	October 8, 2014
How to use mysql_real_escape_string with UPDATE x SET y WHERE z PHP	10	7107	March 14, 2015
mysql_real_escape_string() connection question PHP	3	384	May 28, 2010
Apostrophes in my database PHP	8	951	March 13, 2015

Weird issue with mysql_real_escape_string

Related topics