Re: php forms



I noticed that Message-ID:
<ddhqdm$2mo$1@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> from Margaret
contained the following:

>I finally
>worked out, after some hours of wondering, that the input page won't
>accept a ' (quote) although when I make the same entry direct into
>PHPmyadmin it is OK.
>
>Any ideas (it doesn't matter too much, but it would be nice to know why)?

Does it just fail? If so, it sounds like magic quotes is set to off and
the quote marks need to be escaped. You may have to use the
addslashes() function on your input variables. Try this(untested):

foreach($_POST as $key=>$value){
$$key=addslashes($value);
}
$query = "INSERT INTO $table VALUES
('','$date','$time','$title','$description')";
if(mysql_query($query)){
echo"The event has been entered.";
}
else{
echo "Could not enter record";
}

mysql_close();
?>

If the slashes are showing in the output then you may need to use
stripslashes to get rid of them, but if you haven't noticed them before
when adding quotes using phpMyadmin, then the chances are that this
function is already used.
--
Geoff Berrow 0110001001101100010000000110
001101101011011001000110111101100111001011
100110001101101111001011100111010101101011
.



Relevant Pages