Newbie type question:
apostrophes ie. a ' single quote is not "getting into" the database
fields. So if I entererd in a PHP/MYSQL web page entry field: Sally's
Website. When I look directly into the column with the MYSQL cmdline I
see: Sally s Website. Below are the code snips I'm using(I numbered each
snip to show order of execution), wondered what I should do?:
1.<?php
echo
'<form method="post" action="populate4.php">
<H3>Url Field</H3>
<input type="text" name="url_field" size=80 maxlength=199>
<H3>Title Field</H3>
<input type="text" name="title_field" size=80 maxlength=199>
<H3>Description Field</H3>
<textarea name="descrip_field" rows=15 cols=56
maxlength=1000></textarea>
<H3>Submit keywords with a file <i>or</i> with the text area
below</H3>
<input TYPE="radio" NAME="Type_Submit" VALUE="radio_file">
Use Key Word File
<br>
<input TYPE="radio" NAME="Type_Submit" VALUE="radio_area"
Checked > Use Key Word Text Area
<H3>Keyword file</H3>
<input type="text" name="kw_file" size=40
maxlength=80><h4><i> or </i></h4>
<H3>Keyword text area</H3>
<textarea name="kw_tarea" rows=10 cols=40></textarea>
<H3>Insert into MYSQL</H3>
<input type="submit" value="Insert">
</form>';
?>
2. ....$title_field = $_POST [ 'title_field' ];
$title_field = trim ( $title_field);
$title_field = substr($title_field, 0, 200);
$title_field = EscapeShellCmd($title_field);
if( !$title_field ) {
die( "You need to put a title in the title field." );
}
if (!get_magic_quotes_gpc()) {
$title_field = addslashes($title_field);
}....
3. ....mysql_query("INSERT INTO page (page_url, title, descrip) VALUES
('$url_field', '$title_field', '$descrip_field')");....
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
