Jump to content
php.lv forumi

peedinjas rada probleemas UPDATE table SET


Recommended Posts

mysql_query("UPDATE contentdata SET data = '$_POST[content]' , date = '$postTime' WHERE id = '$_POST[ide]' ");

izpildot vaicaajumu rodas problemas ja $_POST[content] satur pedinjas

piemeeram ja ir teksts:

 

Sodien apedu 30000 konfektes "Gotina"

tad ieksh DB pievienojas shitik taalu: Šodien apedu 30000 konfektes

 

meeginaaju likt slashes, negribas likt peedinju vietaa citu simbolu un tad taisiit str_replace

Link to post
Share on other sites
mysql_query("UPDATE contentdata SET data = 'mysql_escape_string($_POST[content])' , date = '$postTime' WHERE id = '$_POST[ide]' ");

Tas nu gan nav pareizi! Pareizāk ir:

mysql_query("UPDATE contentdata SET data = '" . mysql_escape_string($_POST[content]) . "' , date = '$postTime' WHERE id ='" . mysql_escape_string($_POST[ide]) . "'");

Link to post
Share on other sites

VenMySQL klases gabals:

function p4q($tmp,$html=0)//prepare data to place in query
{
 if ($html)
  return mysql_escape_string(htmlspecialchars($tmp));
 return mysql_escape_string($tmp);
}
function pp4q($tmp,$html=0)//prepare $_POST data for query
{
 if (empty($_POST[$tmp]))
  return;
 if (get_magic_quotes_gpc())
  $_POST[$tmp]=stripslashes($_POST[$tmp]);
 return $this->p4q($_POST[$tmp],$html);
}

Edited by Venom
Link to post
Share on other sites
×
×
  • Create New...