Well, I can't say it correctly, I'm sure the title is not what I meant, I just didn't know how to say it... But anyways, I inserted some text in a table in a dtabase, for SQL injection reasons, I stripslashed it or should I say "I used real_escape_string" But when I'm selecting and showing this text on a page, wherever there is a " ' " symbol, all the rest of the text is gone... Here is an example:
After inserting this text: "I'm really cool", when trying to put the text on a web page (with the select command), here is what I get: "I" I think it's because of the " ' " symbol, because when I take a look at the table, it's well written.
I hope you understand me. Thank you.
Crakken
0
Newbie Poster
Recommended Answers
Jump to PostShow the code you're using to echo the string. mysql_real_escape_string shouldn't cause you to have to use stripslashes. You mention that the DB entry seems fine.
Jump to PostI meant the code that you're using to echo the text out to the screen.
All 5 Replies
diafol
Show the code you're using to echo the string. mysql_real_escape_string shouldn't cause you to have to use stripslashes. You mention that the DB entry seems fine.
Crakken
0
Newbie Poster
So, here it is:
$text = "abcdef'ghijkl";
if (get_magic_quotes_gpc()) { // Check if magic quotes are enabled
$new_text = stripslashes($text);
}else {
$new_text = $connection->real_escape_string($text);
}
// Don't worry about $connection, it's personal,
// just see that it first checks if magic quotes are enabled
// If so, it uses stripslashes,
// else, it uses real_escape_string
Now, when I check my table with phpmyadmin, everything is correct, it shows like that:
abcdef'ghijkl
And when I want to display it on a page, it shows like that:
abcdef
without the rest... is there a function that can make it display as it should be?
diafol
I meant the code that you're using to echo the text out to the screen.
Crakken
0
Newbie Poster
Lol, I'm sorry. I figured it out, when printing it out, I used:
<a href='somlink.com' title='".$cat_title."'>link</a>
So the " ' " in the $cat_title closed the attribute!
I don't usually come on forums to ask help, but that was so stupid and easy that I had to do it... :/
Thanks for trying to help.
diafol
OK, mark question as solved (button below)
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.