stackoom
  简体   繁体   中英

Insert values containing special characters into MySQL database

 原文  2014-05-27 07:21:26       php/ mysql

Question

I'm currently trying to setup a comment system with TinyMCE, it's all working with normal characters and PHP tags and so on. But when I comment with this ed o'neill , it just inserts an empty row in my db.

I have htmlspecialchars and mysqli_real_escape_string on the input from my form.

How can I fix the empty row insert? 

$post_content = $_POST['post_content'];
                        //$post_content = htmlspecialchars($post_content);
                        //$post_content = mysqli_real_escape_string($post_content);

2 answers

solution1
 3  2014-05-27 07:28:07

Take a look at prepared statements, it will do all the escaping for you

EDIT: Here's the link to the PHP manual, courtesy of Fred -ii-

solution2
 2 ACCPTED  2014-05-27 07:38:13

You have commented some of your code but mysqli_real_escape_string requires 2 parameters see for more information here 

string mysqli_real_escape_string ( mysqli $link , string $escapestr );

Your code should be : 

$post_content = mysqli_real_escape_string($connection,$post_content); //$connection should be your database connection string

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Special Characters Insert To MySQL Insert special characters in mysql MySQL Insert special characters special characters break mysql insert Special characters misform in database insert How to insert special characters into a database? How insert special characters using mysql insert? PHP Insert into MySQL table text with special characters? Insert special Characters / PHP + MySql + Android special characters replacement in a php to mysql insert script
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM