warrens0017 Posted July 17, 2018 Share Posted July 17, 2018 Hello everyone, I am running into an issue now to where I am trying to get information from a database but it is only happening when there is an apostrophe in the text. Meaning things, getting the data from the database, there is a word with an apostrophe in it. I get all the information from the start up to the point where the apostrophe is at. For example: The cat can't jump over water. What I will get is this: The can can Then I don't get the rest of my data. Here is the code I am dealing with. Any help would be great. $id = $_POST['id']; $title = $_POST['title']; $writer = $_POST['writer']; $description = $_POST['description']; $date_created = $_POST['date_created']; $message = $_POST['message']; echo "By: ".$writer; echo "Title: ".$title; echo "Description: ".$description; echo "Message: ".nl2br($message); Link to comment Share on other sites More sharing options...
justsomeguy Posted July 17, 2018 Share Posted July 17, 2018 That code doesn't contain any database interaction, but if you're having problems with single quotes then it sounds like you're not using prepared statements to insert data into your database, which would mean that your site is open to SQL injection, which has been the #1 attack vector against web sites for quite a while. You really need to use prepared statements whenever you're trying to move data to your database. Link to comment Share on other sites More sharing options...
warrens0017 Posted July 17, 2018 Author Share Posted July 17, 2018 I was able to figure it out and also prevent SQL injection. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now