Hello.  I'm creating a simple "Classifieds" PHP application.  It allows users 
to view classifieds by category, and add new items to the database.  For now, 
I'm using MS Access 97 as my database (although eventually I would like to 
switch to MySQL).

Anyway, one element of a classified is the description.  I have a "textarea" 
box where the user enters a description of the item he is selling.  If the 
user's input contains an apostrophe (aka a single quote "'") or even a double 
quote, the code gets confused.

A single quote is used around values in an SQL update command.  So if the 
value itself contains a single quote (or multiple single quotes) I get an SQL 
error when trying to update the database (understandably so).

When the user input contains double quotes, PHP gets confused and thinks other 
form variables aren't set, which then confuses the SQL update command.

What kind of form processing do I need to do to fix these things?

Thanks,
Matt


-- 
PHP General Mailing List (http://www.php.net/)
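
The two failures described in the post, as an added example that is not part of the original message. It assumes PDO is available, uses an in-memory SQLite database as a stand-in for the Access database, uses hypothetical table and column names, and assumes the double-quote problem arises when the description is echoed back into an HTML `value="..."` attribute.

```php
<?php
// Constructed sample input containing both an apostrophe and double quotes.
$description = 'Kid\'s 26" bike, "like new"';

// Assumption: in-memory SQLite stands in for the Access database.
// Table and column names are hypothetical.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE classifieds (id INTEGER PRIMARY KEY, category TEXT, description TEXT)');
$db->exec("INSERT INTO classifieds (id, category, description) VALUES (1, 'bikes', '')");

// Before: the value is pasted into the SQL text, so the apostrophe in it
// ends the string literal early and the rest is parsed as SQL.
$concatenated = "UPDATE classifieds SET description = '$description' WHERE id = 1";
try {
    $db->exec($concatenated);
    echo "concatenated UPDATE ran\n";
} catch (PDOException $e) {
    echo "concatenated UPDATE failed: ", $e->getMessage(), "\n";
}

// After: the statement contains only placeholders; the value is sent
// separately and is never interpreted as part of the SQL.
$stmt = $db->prepare('UPDATE classifieds SET description = :description WHERE id = :id');
$stmt->execute(array(':description' => $description, ':id' => 1));

// Read the row back and confirm the text survived unchanged.
$stored = $db->query('SELECT description FROM classifieds WHERE id = 1')->fetchColumn();
echo "stored value matches input: ", var_export($stored === $description, true), "\n";

// HTML side. Before: a double quote in the value closes the attribute,
// so the browser submits a truncated field.
$rawField = '<input type="hidden" name="description" value="' . $description . '">';

// After: encode for the HTML context at output time. ENT_QUOTES covers
// both quote characters.
$encoded = htmlspecialchars($description, ENT_QUOTES, 'UTF-8');
$safeField = '<input type="hidden" name="description" value="' . $encoded . '">';

echo $rawField, "\n", $safeField, "\n";
```

The database keeps the original text and the encoding is applied only when writing HTML. The same prepare/execute pattern carries over to MySQL through PDO's MySQL driver.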