www.webdeveloper.com
Results 1 to 3 of 3

Thread: special characters help in feedback form

  1. #1
    Join Date
    Apr 2012
    Posts
    45

    special characters help in feedback form

    Hi

    On one of my customers websites, I have a feedback form that automatically adds the feedback to the testimonials page by adding it to the testimonials database table and displays it on the testimonials page

    I have noticed that if a special character like a ' or something, the feedback is not added

    I can't remember how to do it so that the feedback is added if it has a special character in the text

    Can someone help please

    Kind regards

    Ian

  2. #2
    Join Date
    Dec 2012
    Posts
    101
    Sounds like an issue caused by you not sanitizing your input, try moving to a database extension that supports prepared statements like PDO.

  3. #3
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,359
    Quote Originally Posted by iBeZi View Post
    Sounds like an issue caused by you not sanitizing your input, try moving to a database extension that supports prepared statements like PDO.
    +1

    If for some reason you are stuck using the old (and now deprecated) MySQL (not MySQLi) extension, you can make use of the mysql_real_escape_string() function.
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles