Jump to content

Getting information from Database


warrens0017
 Share

Recommended Posts

Hello everyone,

I am running into an issue now to where I am trying to get information from a database but it is only happening when there is an apostrophe in the text. Meaning things, getting the data from the database, there is a word with an apostrophe in it. I get all the information from the start up to the point where the apostrophe is at. For example:

The cat can't jump over water.

What I will get is this:

The can can 

Then I don't get the rest of my data.

 

Here is the code I am dealing with. Any help would be great.

$id = $_POST['id'];
$title = $_POST['title'];
$writer = $_POST['writer'];
$description = $_POST['description'];
$date_created = $_POST['date_created'];
$message = $_POST['message'];

echo "By: ".$writer;
echo "Title: ".$title;
echo "Description: ".$description;
echo "Message: ".nl2br($message);

 

Link to comment
Share on other sites

That code doesn't contain any database interaction, but if you're having problems with single quotes then it sounds like you're not using prepared statements to insert data into your database, which would mean that your site is open to SQL injection, which has been the #1 attack vector against web sites for quite a while.  You really need to use prepared statements whenever you're trying to move data to your database.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...