Jump to content
Sign in to follow this  
warrens0017

Getting information from Database

Recommended Posts

Hello everyone,

I am running into an issue now to where I am trying to get information from a database but it is only happening when there is an apostrophe in the text. Meaning things, getting the data from the database, there is a word with an apostrophe in it. I get all the information from the start up to the point where the apostrophe is at. For example:

The cat can't jump over water.

What I will get is this:

The can can 

Then I don't get the rest of my data.

 

Here is the code I am dealing with. Any help would be great.

$id = $_POST['id'];
$title = $_POST['title'];
$writer = $_POST['writer'];
$description = $_POST['description'];
$date_created = $_POST['date_created'];
$message = $_POST['message'];

echo "By: ".$writer;
echo "Title: ".$title;
echo "Description: ".$description;
echo "Message: ".nl2br($message);

 

Share this post


Link to post
Share on other sites

That code doesn't contain any database interaction, but if you're having problems with single quotes then it sounds like you're not using prepared statements to insert data into your database, which would mean that your site is open to SQL injection, which has been the #1 attack vector against web sites for quite a while.  You really need to use prepared statements whenever you're trying to move data to your database.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×