Brian Hazelton wrote:
Brian Hazelton wrote:
I have a script which uploads csv data into a database. This works
well and has worked in every instance so far. However what I am
noticing is that today, even if I escape the data before putting it
into mysql it will not enter a line if it has a single quote, once I
take out the single quote it enters it into the database so I know it
is the single quote, is this an error or are single quotes not
allowed in csv...?
I figured out part of the problem. The problem lies with one of my
functions for cleaning the data before putting it into the database. I
have a function, see below, that will clean the data to put into mysql
and work whether magic quotes is on or off. It is not working because
I echo the query and the part I need escaped is not being escaped. I
try mysql_real_escape_string and it is being escaped by that so I
think the problem is something with my function, if anyone can help
that would be appreciated.
function clean($str){
if(get_magic_quotes_gpc()){
stripslashes($str);
mysql_real_escape_string($str);
return $str;
}
else{
mysql_real_escape_string($str);
return $str;
}
}
$name = 'O'Leksy';
$cleaned_name = clean($name);
echo of $cleaned name = O'Leksy';
if mysql_real_escape_string is used it echoes O\'Leksy';
Sorry for all of the posts. I got it figured out, it was just me being
stupid. Since this data isnt coming from get, post or cookies then
calling this function will still work but no slashes are getting added
so when the stripslashes function is called it returns an error and will
not continue to work because it does not return the string on error.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php