View Full Version : Form Error When User Enters "'"

02-27-2008, 04:15 AM
I have a form on my site, which works fine but if the user enters an inverted comma in the field I get the following error on the formInsert.php page...

Warning: mysql_close(): supplied argument is not a valid MySQL-Link resource in /home/formInsert.php on line 314
Failed to insert: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 't st!','1', '1', '1', '1', '1' at line 1

I think the "'" is getting posted and closing off the data, and adding extra so "couldn't" is getting entered as "couldn" "'t" anyway around this...

02-27-2008, 04:16 AM
This is what get's posted on the insert page...

$q10 = stripslashes($_POST['q10']);

02-27-2008, 04:23 AM
Are you using mysql_real_escape_string in the data? Its the same thing I told you already except you never responded which you seem to do quite often. You ask a question, get answers but don't return to your question.

02-27-2008, 04:26 AM
I see... I will look at the response and answer... Apologies.

02-28-2008, 03:04 AM
And yet you still didn't answer him... Are you using mysql_real_escape_string in the data?

02-28-2008, 03:19 AM
Yes I looked at the other response and answered that.