since I had something similar as a problem, let m etry to anser ang see did I get it correct :) first, and most important: never store in DB row submitted string $act_extra = mysql_real_escape_string($_POST[editextra]); $act_extra_fr = mysql_real_escape_string($_POST[editextrafr]) $act_id = mysql_real_escape_string($_POST[editid]); then: $sqledit = " update activities set act_extra='".$act_extra."', act_extra_fr = '".$act_extra_fr."' where act_id = '".$act_id."'"; to check: echo $sqledit; it should work now. hope this helped. -afan > This is the code is use to insert/update text into a database field: > > $sqledit="update activities set act_extra='$_POST[editextra]', > act_extra_fr='$_POST[editextrafr]' where act_id=$_POST[editid]"; > > Now both $_POST[editextra] and $_POST[editextrafr] can contain single or > double quotes. > So the query almost always gives me an error. > > I know I have to replace " with ", but I do not know how to replace > the > single quote so it is shown as a single quote on a webpage when I get it > from the database > > I have been looking into str_replace and preg_replace. But what I really > need is a solution that 'replaces' single quotes, double quotes en curly > quotes so I tackle all possible problems and the same text as it was > inputed > in the textarea is shown on the webpage. > > Thx in advance > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php