[KLUG Members] php and quotation marks

Adam Tauno Williams adam at morrison-ind.com
Tue Sep 27 09:04:11 EDT 2005

Previous message: [KLUG Members] php and quotation marks
Next message: [KLUG Members] php and quotation marks
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> $update=$_GET['update'];
> $catnum=$_GET['jeop_catnum'];
> $category=$_GET['jeop_category'];
> $ques2=$_GET['jeop_ques2'];
> $ans2=$_GET['jeop_ans2'];
> $ques4=$_GET['jeop_ques4'];
> $ans4=$_GET['jeop_ans4'];
> $ques8=$_GET['jeop_ques8'];
> $ans8=$_GET['jeop_ans8'];
> $ques16=$_GET['jeop_ques16'];
> $ans16=$_GET['jeop_ans16'];
> $ques32=$_GET['jeop_ques32'];
> $ans32=$_GET['jeop_ans32'];
> $ques64=$_GET['jeop_ques64'];
> $ans64=$_GET['jeop_ans64'];
> $ques128=$_GET['jeop_ques128'];
> $ans128=$_GET['jeop_ans128'];
> $ques256=$_GET['jeop_ques256'];
> $ans256=$_GET['jeop_ans256'];

Dude, use an array! :)

> if ($update=='true') {
> 	$query="UPDATE single SET
> 	category='$category', ques2='$ques2', ans2='$ans2', ques4='$ques4', 
> ans4='$ans4', ques8='$ques8', ans8='$ans8', ques16='$ques16', 
> ans16='$ans16', ques32='$ques32', ans32='$ans32', ques64='$ques64', 
> ans64='$ans64', ques128='$ques128', ans128='$ans128', 
> ques256='$ques256', ans256='$ans256'
> 	WHERE catnum='$catnum' ";

Use addslashes when storing a string to a database.  The slashes
themselves won't get stored, the RDBMS will discard them, and the string
will be stored properly (assuming everything is configured correctly).

$query = sprintf('UPDATE single SET category="%s", ques2="%s", ans2="%
s", ques4="%s", ans4="%s", ques8="%s", ans8="%s", ques16="%s", ans16="%
s", ques32="%s", ans32="%s", ques64="%s", ans64="%s", ques128="%s",
ans128="%s", ques256="%s", ans256="%s"',
  addslashes($category), addslashes$ques2), addslashes($ans2),
addslashes($ques4), 
  addslashes($ans4), addslashes($ques8), addslashes($ans8),
addslashes($ques16), 
  addslashes($ans16), addslashes($ques32), addslashes($ans32),
addslashes($ques64),
  addslashes($ans64), addslashes($ques128), addslashes($ans128),
addslashes($ques256),
  addslashes($ans256));
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.kalamazoolinux.org/pipermail/members/attachments/20050927/d1737f49/attachment.bin

Previous message: [KLUG Members] php and quotation marks
Next message: [KLUG Members] php and quotation marks
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Members mailing list