Linked Questions
17 questions linked to/from Escaping single quote in PHP when inserting into MySQL
2769
votes
27
answers
2.2m
views
How can I prevent SQL injection in PHP?
If user input is inserted without modification into an SQL query, then the application becomes vulnerable to SQL injection, like in the following example:
$unsafe_variable = $_POST['user_input'];
...
23
votes
2
answers
2k
views
Storing values with single quote in MySQL [duplicate]
I started learning PHP coding earlier October, the issue which is causing my trouble is that my users need to store text in the database (and the text would probably contain single and double quotes). ...
- 554
5
votes
2
answers
592
views
How can I escape single quotes in this scenario? [duplicate]
I have a page which makes a jquery call to an api to receive multiple wikipedia urls. I then
extract the article names from the url (i.e. get science from http://en.wikipedia.org/science etc), add ...
- 1,847
0
votes
3
answers
412
views
Can't Save MySQL Query [duplicate]
I'm having an issue with my MySQL query/php, I try to update a row in my database that will work usually, but when the string has a ' in it, for example
I don't like green eggs and ham.
The ' in it ...
- 21
-1
votes
2
answers
75
views
run mysql query without reloading webpage [duplicate]
I am generating a table via if loop, and if data is not found an is displayed so I can type the data needed.
Then I needed that when I click outside of the textbox the data is saved in the database.
...
- 43
0
votes
0
answers
16
views
Inputting an apostrophe in my search box throws up an error [duplicate]
website running php 5.2. Inputting text in my search box containing an apostrophe throws up this message : You have an error in your SQL syntax; check the manual that corresponds to your MariaDB ...
- 1
71
votes
4
answers
66k
views
Examples of SQL Injections through addslashes()?
In PHP, I know that mysql_real_escape is much safer than using addslashes.
However, I could not find an example of a situation where addslashes would let an SQL Injection happen.
Can anyone give some ...
- 49.6k
24
votes
11
answers
130k
views
Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given... what I do wrong? [duplicate]
I try make php login but I get this error: Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given, what I do wrong?
register.php
<!doctype html>
<html lang"fi"&...
- 447
1
vote
4
answers
3k
views
codeigniter : searching string with quotes( ' or " ) showing error
i am try to implement a search that but it shows error when I use Single Quotes like (manu's ,ramu's)
When I change my term part like %".$term."% and use back quotes it shows same error.
Query :
...
- 83
4
votes
4
answers
485
views
Blank page after attempt to insert
Whenever I try to insert data into my database 'users' I always get a blank page. It doesn't give me any errors, it doesn't include 'mainmenu.php', or return any feedback what so ever. Can someone ...
- 67
3
votes
1
answer
2k
views
PHP & MySQL INSERT INTO problem
Any ideas why the following code is not adding anything into the database once the user fills out the form? I'd really appreciate it.
Thank you!
if($_SESSION['loginSuccess']==1) {
// ==...
- 2,265
-2
votes
2
answers
867
views
Inserting a chat message into a database [duplicate]
So I use the following line of code to insert a chat message into my MySQL database:
$this->db->query("INSERT INTO group_messages (group_message_text,group_message_group_id,...
- 2,408
1
vote
1
answer
765
views
Phpmyadmin MySQL Syntax [closed]
If a value like this value : 's-Gravenhage will submit into my database
Then the form is not submitted and i see a error:
Error: You have an error in your SQL syntax; check the manual that ...
- 181
0
votes
2
answers
407
views
value with $ symbol in sql query where clause when execute in php [duplicate]
I am adding value that start with $ symbol in sql where clause. I execute the query in php.
worked - when wrap $n in double quote and whole query in single quote
$query= 'SELECT * FROM a
...
- 2,004
0
votes
2
answers
66
views
Troubles using mysql insert from php
So I'm using a little script on php for a webpage adminisitration, and I get to do an item registration, so I get all my params and send them to the script to build an INSERT for the database (mysql). ...
- 1