Why when i typed "+-1-23$%^&sdfsdf/><" in the textarea but it save only "-1-23$%^" into database?
Code :
function postingMsg (){
$('.error').hide();
var messageposting2= $("textarea#messageposting").val();
var dataString = 'messageposting2='+ messageposting2;
$.ajax({
type: "POST",
url: "note-send.php",
data: dataString,
success: function(msg) {
msg = parseFloat(msg)
}
});
return false;
}
if ((isset($_POST['messageposting2'])) && (strlen($_POST['messageposting2']) > 0)) {
$messageposting3 = $_POST['messageposting2'];
$sql = "UPDATE users
SET my_note=?
WHERE user_id=?";
$q = $conn->prepare($sql);
$q->execute(array($messageposting3, $_SESSION['user_id']));
echo "1";
} else {echo "0";}
It has nothing to do with PDO or your database. You must URL-encode your string before sending it through Ajax.
var dataString = 'messageposting2='+ encodeURIComponent(messageposting2);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.