Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6
  1. #1
    Regular Coder
    Join Date
    Mar 2006
    Posts
    459
    Thanks
    3
    Thanked 0 Times in 0 Posts

    Form Error When User Enters "'"

    I have a form on my site, which works fine but if the user enters an inverted comma in the field I get the following error on the formInsert.php page...

    Code:
    Warning: mysql_close(): supplied argument is not a valid MySQL-Link resource in /home/formInsert.php on line 314
    Failed to insert: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 't st!','1', '1', '1', '1', '1' at line 1
    I think the "'" is getting posted and closing off the data, and adding extra so "couldn't" is getting entered as "couldn" "'t" anyway around this...

  • #2
    Regular Coder
    Join Date
    Mar 2006
    Posts
    459
    Thanks
    3
    Thanked 0 Times in 0 Posts
    This is what get's posted on the insert page...

    Code:
    $q10 = stripslashes($_POST['q10']);

  • #3
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    Are you using mysql_real_escape_string in the data? Its the same thing I told you already except you never responded which you seem to do quite often. You ask a question, get answers but don't return to your question.
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #4
    Regular Coder
    Join Date
    Mar 2006
    Posts
    459
    Thanks
    3
    Thanked 0 Times in 0 Posts
    I see... I will look at the response and answer... Apologies.

  • #5
    Regular Coder
    Join Date
    Aug 2002
    Location
    Oregon, United States of America
    Posts
    882
    Thanks
    1
    Thanked 9 Times in 9 Posts
    And yet you still didn't answer him... Are you using mysql_real_escape_string in the data?
    If I'm postin here, I NEED YOUR HELP!!

  • #6
    Regular Coder
    Join Date
    Mar 2006
    Posts
    459
    Thanks
    3
    Thanked 0 Times in 0 Posts
    Yes I looked at the other response and answered that.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •