LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices


Reply
  Search this Thread
Old 04-06-2015, 03:17 PM   #1
Dyzaster
LQ Newbie
 
Registered: Apr 2015
Posts: 2

Rep: Reputation: Disabled
Issues with PHP Comment box, SQL, and apostrophes


Hey guys, so I'm running a website that has a comment box.

For some reason, when someone has a comment which contains an apostrophe, it does not go through.

Anyone know what i need to do to fix this issue? Its a PHP comment box that saves everything to an SQL database.

Here is the code for the form:
Code:
<script>

        function commentSubmit(){
                if(form1.name.value == '' && form1.comments.value == ''){ //exit if one of the field is blank
                        alert('Please type your confession');
                        return;
                }
                var name = form1.name.value;
                var comments = form1.comments.value;
                var xmlhttp = new XMLHttpRequest(); //http request instance

                xmlhttp.onreadystatechange = function(){ //display the content of insert.php once successfully loaded
                        if(xmlhttp.readyState==4&&xmlhttp.status==200){
                                document.getElementById('comment_logs').innerHTML = xmlhttp.responseText; //the chatlogs from the db wi$
                        }
                }
                xmlhttp.open('GET', 'insert.php?comments='+comments, true); //open and send http request
                xmlhttp.send();
        }

                $(document).ready(function(e) {
                        $.ajaxSetup({cache:false});
                        setInterval(function() {$('#comment_logs').load('logs.php');}, 2000);
                });

</script>
 
Old 04-06-2015, 04:38 PM   #2
d072330
Member
 
Registered: Nov 2007
Location: USA
Distribution: CentOS 5/6
Posts: 186

Rep: Reputation: 6
This might help.

http://stackoverflow.com/questions/4...quotation-mark
 
Old 04-07-2015, 03:53 AM   #3
TenTenths
Senior Member
 
Registered: Aug 2011
Location: Dublin
Distribution: Centos 5 / 6 / 7
Posts: 2,896

Rep: Reputation: 1173Reputation: 1173Reputation: 1173Reputation: 1173Reputation: 1173Reputation: 1173Reputation: 1173Reputation: 1173Reputation: 1173
At a glance I don't see anything in there that makes the contents of the "comments" variable HTML "safe" by escaping reserved chars etc.
 
Old 04-08-2015, 11:35 AM   #4
Dyzaster
LQ Newbie
 
Registered: Apr 2015
Posts: 2

Original Poster
Rep: Reputation: Disabled
Ok so i followed that link and saw that i need to add "mysql_real_escape_string" But my only issue is, even after looking at around 15 different examples, i don't know where to place that in my code. I'm new to SQL and still learning with PHP, is there any way you could show me where it goes?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Linux / Unix Desktop Fun: Text Mode ASCII-art Box and Comment Drawing LXer Syndicated Linux News 0 06-12-2012 02:50 PM
Comment Style: HTML, JavaScript, PHP, etc. tangoking Programming 7 12-13-2010 01:51 AM
php comment problem // and /* on Fedora Core 5 and PHP 5.1.4 shakeel_125 Linux - Server 4 09-29-2006 04:42 AM
php comment problem // and /* on Fedora Core 5 and PHP 5.1.4 shakeel_125 Fedora 4 09-29-2006 02:14 AM
Partitioning for Postgres SQL box SixCrayons Linux - General 2 01-08-2005 07:45 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > Programming

All times are GMT -5. The time now is 05:41 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration