[KLUG Members] php and quotation marks

[Lunitix]

When the categories, questions, and answers are being updated I use the 
htmlspecialchars for displaying the info coming out of the database.  If 
I don't use this anytime a double quote (") is used the string gets cut 
off and then when the information is updated, the cutoff string is 
updated cutoff at the point of the double quote.

Now that htmlspecialchars is used when the string is updated, any string 
that has a single quote (') in it comes back as an error

Example -

1064: You have an error in your SQL syntax. Check the manual that 
corresponds to your MySQL server version for the right syntax to use 
near 's', ques8='Which layer controls transparency', ans8='Alpha Laye
There was an error in the query on table jdouble
The query was
UPDATE jdouble SET category='GIMP', ques4='What does the Acronym "GIMP" 
stand for ', ans4='GNU Image Manipulation Program's', ques8='Which layer 
controls transparency',

So my update page, which is the code you have seen, needs to escape the 
single quotes (') that get returned to the database in the info that I 
want stored in the database.

Minding of Madness
Jon
Lunitix wrote:
> I, not too long ago, asked a question about quotation marks (") with php 
> and mysql.  The response was to add htmlspecialchars to my code.  That 
> allows the quotation marks (") can now be used, but the flipside is that 
> single quotes (') now creates the errors that the double quotes did.
> 
> How can I get both the single and double quotes to work?
> 
> Minding of Madness
> Jon
> _______________________________________________
> Members mailing list
> Members at kalamazoolinux.org
> 
>