I have a database which contains authors and books. Some of those authors and books contain slashes in the name or title fields. When I query the database for authors, it matches just fine, with or without slashes. When I query books, however, it only finds books without slashes in the title.

Here is the code I use for converting values to allow the user to choose one author or book:

AUTHORS:

$result = mysqli_query($con,"SELECT * FROM authors");

  while($row = mysqli_fetch_assoc($result)) 
    {
        $string=iconv ( "Windows-1252" , "UTF-8" , $row[name] );
    echo '<option value = "';
    echo $string;
    echo '">';
    echo $string;
    echo '</option>';
    }

BOOKS:

  $result = mysqli_query($con,"SELECT * FROM books order by bookTitle");
  while($row = mysqli_fetch_assoc($result)) 
    {
        $string=iconv ( "Windows-1252" , "UTF-8" , $row[bookTitle] );
    echo '<option value = "';
    echo $string;
    echo '">';
    echo $string;
    echo '</option>';
    }

Here is the code I use for populating the form from the chosen book or author:

AUTHOR

$result = (mysqli_query($con,"SELECT * FROM authors WHERE name = '$_POST[authorName]'"));

BOOK

$result = (mysqli_query($con,"SELECT * FROM books WHERE bookTitle = '$_POST[bookName]'"));

The AUTHOR will return values associated with the author chosen by the user. The BOOK will not return values for the chosen book if there is a slash in the title. It says there are no matching records.

What am I missing?

Mahad_3 commented: There could be several reasons why your code is not returning the database values. Here are some potential issues you may want to investigate: Connec +0

I'm not familiar with PHP and I can't see your table definitions or the actual data in the tables. I suggest you install the MySQL Admin Console app and query the tables directly to verify what is in them. Once you have the correct data and queries you can try it from PHP.

Hello,

The problem is that you are not properly escaping the author or book name when entering them into the database. I wrote an article here about the importance of doing this.

This is what your code should look like when querying the database:

$result = (mysqli_query($con,"SELECT * FROM authors WHERE name = " . $con->real_escape_string($_POST[authorName])));
$result = (mysqli_query($con,"SELECT * FROM books WHERE bookTitle = " . $con->real_escape_string($_POST[bookName])));

Also, you should not have to use iconv(). Instead, it's best for your database to store data in UTF-8 format, as well as for your connection to MySQLi to use UTF-8.

Basically what's happening is the backslash has the meaning of escaping the character that comes after it. The problem is that you seem to be using multiple character sets and then doing PHP conversions with iconv(). Just make everything use UTF-8 and simplify everything.

Thank you for your suggestions. I should have said that the database contains items like:

John Doe &#47 Mary Smith

or

First Title &#47 Second title &#47 Third Title

I think what really bothers me is that the code works on the authors, but not on the books, and I don't see the difference.

My suggestion still holds. You have an encoding bug somewhere. Make everything UTF-8.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.