special characters help in feedback form
On one of my customers websites, I have a feedback form that automatically adds the feedback to the testimonials page by adding it to the testimonials database table and displays it on the testimonials page
I have noticed that if a special character like a ' or something, the feedback is not added
I can't remember how to do it so that the feedback is added if it has a special character in the text
Can someone help please
Sounds like an issue caused by you not sanitizing your input, try moving to a database extension that supports prepared statements like PDO.
Originally Posted by iBeZi
If for some reason you are stuck using the old (and now deprecated) MySQL (not MySQLi) extension, you can make use of the mysql_real_escape_string() function.
"Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
~ Terry Pratchett in Nation
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)