Using your variables and query, the following, based on one of my own
functional pages, the following should work:
$FF = addslashes($_POST[Cid]);
$info = mysql_query("Select * From customer Where customer.customer LIKE
'$FF' ");
Give it a shot. Hope this helps.
Rich
> -----Original Message-----
> From: ma [mailto:grillen@xxxxxxxxxxxxxx]
> Sent: Wednesday, November 05, 2003 2:29 PM
> To: PHP-DB
> Subject: Re: Select Value with 's
>
>
> hi
>
> hm - it would help if you'd send us the code where you
> generate the query
>
> _ma
>
> # life would be easier if i knew the source code...
>
> > Von: "Aleks @ USA.net" <Aleks.k@xxxxxxx>
> > Datum: Wed, 5 Nov 2003 14:23:06 -0500
> > An: "'ma'" <grillen@xxxxxxxxxxxxxx>, "'PHP-DB'"
> <php-db@xxxxxxxxxxxxx>
> > Betreff: RE: Select Value with 's
> >
> > Tried both... Still no joy...
> >
> > The statement becomes
> > $info = mysql_query('Select * From customer Where
> customer.customer LIKE St
> > Mary's Hospital');
> >
> > Maybe I need to be a little clearer... Seem that the sql
> statement is now
> > getting the correct value
> > But the extra ['] is confusing it....
> >
> >
> > -----Original Message-----
> > From: ma [mailto:grillen@xxxxxxxxxxxxxx]
> > Sent: Wednesday, November 05, 2003 2:07 PM
> > To: PHP-DB
> > Subject: Re: Select Value with 's
> >
> > hi
> >
> > ok - than make it this way:
> >
> > $info = mysql_query( Select * From customer Where
> customer.customer LIKE "St
> > Mary's Hospital");
> >
> > anyways - shouldn't it be like this?:
> >
> > $FF = "St Mary's Hospital";
> > $info = mysql_query('Select * From customer Where
> customer.customer LIKE
> > "'.$FF.'"');
> >
> > _ma
> >
> > # life would be easier if i knew the source code...
> >
> >> Von: "Aleks @ USA.net" <Aleks.k@xxxxxxx>
> >> Datum: Wed, 5 Nov 2003 14:01:37 -0500
> >> An: "'ma'" <grillen@xxxxxxxxxxxxxx>, "'PHP-DB'"
> <php-db@xxxxxxxxxxxxx>
> >> Betreff: RE: Select Value with 's
> >>
> >> Sorry I left out the exact form....
> >>
> >> It is
> >>
> >> $info = mysql_query( Select * From customer Where customer.customer
> >> LIKE 'St Mary's Hospital');
> >>
> >>
> >>
> >> -----Original Message-----
> >> From: ma [mailto:grillen@xxxxxxxxxxxxxx]
> >> Sent: Wednesday, November 05, 2003 1:56 PM
> >> To: PHP-DB
> >> Subject: Re: Select Value with 's
> >>
> >> hi
> >>
> >> think you should use ' when you create the query and " in the
> >> SQL-statement for comparison:
> >>
> >> $qry = 'SELECT *
> >> FROM customer
> >> WHERE customer.customer LIKE "'.$FF.'"';
> >>
> >> _ma
> >>
> >> # life would be easier if i knew the source code...
> >>
> >>> Von: "Aleks @ USA.net" <Aleks.k@xxxxxxx>
> >>> Datum: Wed, 5 Nov 2003 13:52:51 -0500
> >>> An: "'CPT John W. Holmes'" <holmes072000@xxxxxxxxxxx>, "'ma'"
> >>> <grillen@xxxxxxxxxxxxxx>, "'PHP-DB'" <php-db@xxxxxxxxxxxxx>
> >>> Betreff: RE: Select Value with 's
> >>>
> >>> Thanks John for the answer.... But...
> >>>
> >>> Now my select statement on the Result.php page errors out when The
> >>> value has the [']in it..... What the select statement
> looks like now
> >>> Is
> >>>
> >>> Select *
> >>> From customer
> >>> Where customer.customer LIKE 'St Mary's Hospital'
> >>>
> >>> Error message is
> >>>
> >>> Warning mysql_fetch_array(): supplied argument is not a
> valid MySQL
> >>> result
> >>>
> >>>
> >>>
> >>>
> >>>
> >>> -----Original Message-----
> >>> From: CPT John W. Holmes [mailto:holmes072000@xxxxxxxxxxx]
> >>> Sent: Wednesday, November 05, 2003 1:45 PM
> >>> To: Aleks @ USA.net; 'ma'; 'PHP-DB'
> >>> Subject: Re: Select Value with 's
> >>>
> >>> From: "Aleks @ USA.net" <Aleks.k@xxxxxxx>
> >>>> First I build my select list:
> >>>>
> >>>> <SELECT NAME="Cid" size="1">
> >>>> <OPTION Selected VALUE="">All Customers</OPTION>
> >>>>
> >>>> <?
> >>>> While ($Site = mysql_fetch_array($S)) {
> >>>> $Sid = $Site["CID"];
> >>>> $SName = htmlspecialchars($Site["Customer"]);
> >>>> echo("<option value='$SName'>$SName</options>\n");
> >>>
> >>> Easy fix: echo("<option value=\"$SName\">$SName</options>\n");
> >>>
> >>> Long version:
> >>>
> >>> htmlspecialchars() does not change single quotes unless you pass
> >>> ENT_QUOTES as the second parameter. What you're ending up
> with is a
> >>> value
> >> such as:
> >>>
> >>> value='St. Mary's'
> >>>
> >>> which, HTML will interpret as a value of "St. Mary" and
> an unknown s'
> >>> attribute. So,
> >>>
> >>> $SName = htmlspecialchars($Site["Customer"], ENT_QUOTES);
> >>> echo("<option value='$SName'>$SName</options>\n");
> >>>
> >>> will convert single quotes to HTML entities and not
> affect the value.
> >>>
> >>> The "easy fix" above works because it uses double quotes
> around the
> >>> value and htmlspecialchars() already changes double
> quotes by default.
> >>>
> >>> ---John Holmes...
> >>>
> >>
> >> --
> >> PHP Database Mailing List (http://www.php.net/) To
> unsubscribe, visit:
> >> http://www.php.net/unsub.php
> >>
> >> --
> >> PHP Database Mailing List (http://www.php.net/) To
> unsubscribe, visit:
> >> http://www.php.net/unsub.php
> >>
> >
> > --
> > PHP Database Mailing List (http://www.php.net/) To
> unsubscribe, visit:
> > http://www.php.net/unsub.php
> >
> > --
> > PHP Database Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
