since I had something similar as a problem, let m etry to anser ang see
did I get it correct :)
first, and most important: never store in DB row submitted string
$act_extra = mysql_real_escape_string($_POST[editextra]);
$act_extra_fr = mysql_real_escape_string($_POST[editextrafr])
$act_id = mysql_real_escape_string($_POST[editid]);
then:
$sqledit = "
update activities
set act_extra='".$act_extra."',
act_extra_fr = '".$act_extra_fr."'
where act_id = '".$act_id."'";
to check:
echo $sqledit;
it should work now.
hope this helped.
-afan
> This is the code is use to insert/update text into a database field:
>
> $sqledit="update activities set act_extra='$_POST[editextra]',
> act_extra_fr='$_POST[editextrafr]' where act_id=$_POST[editid]";
>
> Now both $_POST[editextra] and $_POST[editextrafr] can contain single or
> double quotes.
> So the query almost always gives me an error.
>
> I know I have to replace " with ", but I do not know how to replace
> the
> single quote so it is shown as a single quote on a webpage when I get it
> from the database
>
> I have been looking into str_replace and preg_replace. But what I really
> need is a solution that 'replaces' single quotes, double quotes en curly
> quotes so I tackle all possible problems and the same text as it was
> inputed
> in the textarea is shown on the webpage.
>
> Thx in advance
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
