PHP MYSQL (should be easy :) )

[WebWatcher]

For the life of me I cannot remember how to fix it so can someone here rejig my memory.....

PROBLEM: in a mysql db I have a value "Lance O'Connor" but when i read the value in php it comes out as "Lance O" can somebody please remind me how I get the value to come out on php as "Lance O'Connor"!!

Thanks in advance

 

[2WDH.com]

Hi WebWatcher.

You probably need to use "addslashes( $your_mysql_value )".
How exactly do you read the value in php at the moment? Can you show that part of your code?

 

[themoose]

Hm.. are you sure it's Lance O' Connor in your database? Have you checked the actual database?

You probably need to use "addslashes( $your_mysql_value )".
How exactly do you read the value in php at the moment? Can you show that part of your code?

Better to do mysql_real_escape_string( $your_mysql_value );

And yeah, show us your code!

 

[WebWatcher]

$ge = mysql_query("SELECT * FROM table'");
while($get = mysql_fetch_array($ge)) {
$val = $get['name'];
}

Thats the code

 

[themoose]

Well, that should work. Go into phpmyadmin and check to see if it's stored as Lance O'Connor or just Lance O.

Just saw an extra ' right at the end of your query... take that out also.

 

[WebWatcher]

where abouts would i add mysql_real_escape_string( $your_mysql_value );

 

[themoose]

If you're doing an SQL query anywhere that uses POST data, to protect against SQL injection.

<?php
$myvar = $_POST['myvar']; // don't ever do this
$myvar = mysql_real_escape_string($_POST['myvar']); // Use it when you're getting data that a user can input; also $_GET, $_REQUEST

mysql_query("INSERT INTO mytable (`field`) VALUES ('$myvar')");
mysql_query("SELECT * FROM mytable WHERE field='$myvar'");
mysql_query("UPDATE mytable SET field='$myvar'");

 

[WebWatcher]

Ive done that but now when i read it instead of getting "Ben Te'o" I get "Ben Te\"

Please help

 

[themoose]

Can you paste your exact insert code and the output code... because this shouldn't be happening.

 

[WebWatcher]

$ge = mysql_query("SELECT * FROM table WHERE homawa='a'");
while($get = mysql_fetch_array($ge)) {
$name = $get['value'];
}

Thats the code used to read it. The value = "John O'Connor" and all it outputs when I use:

echo"$name";

is John O

Is it maybe a setting problem with mysql or something?

 

[themoose]

Try changing
while($get = mysql_fetch_array($ge)) {

to
while($get = mysql_fetch_array($ge, MYSQL_ASSOC)) {

 

[WebWatcher]

Did not help

 

[themoose]

Can you

print_r($get);

(within the while loop) for me.