Sending quotes to my database

Question

heavychevy 0 Newbie Poster

19 Years Ago

I've got an insert statement where there is a memo field that can easily contain quotes or single quotes or apostrophes. I cannot get it to insert I have tried with replacing the aposatrophe with a \', doesn't like it i have also tried

if (get_magic_quotes_gpc()==1) {

        $notes = stripslashes(ereg_replace('"','&#34;',$_POST["other_notes"])) ;

        } else {

        $notes = addslashes ( $string );

        }

the following is the sql statement:

Insert into lead_lines(empID, leadID, date_, notes) VALUES(1,14,'8/19/2005','

This guy seems like a real easy going dude. Might've been high when he ordered.')

How can I make the database except this???
It's stressing me out.

Thanks

php

Edited 11 Years Ago by TrustyTony because: fixed formating

2 Contributors
4 Replies
101 Views
5 Days Discussion Span
Latest Post 19 Years Ago Latest Post by heavychevy

bwest 15 Junior Poster in Training

19 Years Ago

Do you have phpMyAdmin? If so I would make an insert with that and make sure you use your single or double quotes, which ever you want. - And see how it does the job. It will make the insert and show the query that was used

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

heavychevy 0 Newbie Poster · Answer 1 · 2005-08-22T19:32:38+00:00

I appreciate your answer. Although I have done that to test the sql statement. The thing is I need this to be able to be done on the page itself. It's an intranet system where employees can insert new customers and search for them etc.. If I can't do this on the page itself it's pointless.

bwest 15 Junior Poster in Training · Answer 2 · 2005-08-23T11:36:14+00:00

So are your employees using a form that you made? I hope their not allowed to make the query theirselves.

So if your using a form, you'll just have to format the string to be exactly what the phpmyadmin gave you

heavychevy 0 Newbie Poster · Answer 3 · 2005-08-24T19:55:22+00:00

I have it figured out. the answer is the following:
$squo = " ' ' ";
$specs = stripslashes(ereg_replace(" ' ", $squo, $_POST["specs"]));

p.s. no i don't have phpmyadmin, because i'm using php with an Access 200 db.