+ Post New Thread
Results 1 to 4 of 4
Web Development Thread, PHP/mysql website cms problem in Coding and Web Development; For the new website we are hoping to implement sometime soon at our school, I have developed a php/mysql powered ...
  1. #1

    Join Date
    Dec 2006
    Location
    US
    Posts
    300
    Thank Post
    64
    Thanked 17 Times in 16 Posts
    Rep Power
    18

    PHP/mysql website cms problem

    For the new website we are hoping to implement sometime soon at our school, I have developed a php/mysql powered content management system. It works good, except anytime single quotation marks ' are used, it says "you have an error in your sql syntax. Please check the manual..."

    I know the basic statement is ok, because I can save pages without the quotation marks. Is there somthing I need to do to allow these? Below is a sample from the php page that saves the page. I can tell something about the single quote triggers the error (I am guessing it is ending the sql statement halfway through, but have no clue how to rewrite it properly).

    Thanks for any help.

    A note:
    -$ta is the name of the CMS textbox

    PHP Code:
       if (isset($_POST['submitcontent'])) { 
         
    $ta $_POST['ta'];
         
    $pagename $_POST['pagename'];
    }

         
    $sql "UPDATE cms SET 
                 content='
    $ta'
                 WHERE pagename='
    $pagename'"
           if (@
    mysql_query($sql)) { 
           
    //include ('head.php');
           
    echo('
    <center><font size="4" color=navy face=arial>Edit Page</font><center>
    <font size="2" color="green">[b]Page saved successfully.[/b][/b]</font></p>'
    ); 
          include 
    'template/foot.php'

  2. #2

    Join Date
    Jun 2006
    Posts
    38
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Re: PHP/mysql website cms problem

    Id have wrote it like

    $sql = "UPDATE cms SET
    content='{$ta}'
    WHERE pagename='{$pagename}'";

    Or

    $sql = "UPDATE cms SET
    content=".$ta."
    WHERE pagename=".$pagename;

    None of which may be the correct/best way but if it works its good enough for me

    Whats going to be in the $ta textbox ? you might have to deal with ' / etc . Check http://uk2.php.net/manual/en/functio...ape-string.php

    which can be include in the query like..

    $sql = "UPDATE cms SET
    content=".mysql_real_escape_string($ta)."
    WHERE pagename=".$pagename;

  3. #3

    webman's Avatar
    Join Date
    Nov 2005
    Location
    North East England
    Posts
    8,406
    Thank Post
    640
    Thanked 961 Times in 661 Posts
    Blog Entries
    2
    Rep Power
    324

    Re: PHP/mysql website cms problem

    Have a look at addslashes().

  4. #4

    Join Date
    Dec 2006
    Location
    US
    Posts
    300
    Thank Post
    64
    Thanked 17 Times in 16 Posts
    Rep Power
    18

    Re: PHP/mysql website cms problem

    Thank you to both EeEk and webman for your help.
    I tried all of your suggestions and addslashes worked the best.

    For future reference to anyone else that has this problem, below is how I corrected the code to make it work without errors:

    PHP Code:
    $data_slashes addslashes($ta);

    $sql "UPDATE cms SET 
    content='
    {$data_slashes}'
    WHERE pagename='
    {$pagename}'"

    Thanks again for the help.

SHARE:
+ Post New Thread

Similar Threads

  1. MYSQL Help
    By danIT in forum General Chat
    Replies: 2
    Last Post: 18th December 2007, 09:52 PM
  2. MySQL Password Problem
    By Ric_ in forum *nix
    Replies: 4
    Last Post: 13th September 2007, 11:28 AM
  3. Website rendering problem
    By beeswax in forum Web Development
    Replies: 4
    Last Post: 23rd May 2007, 09:22 AM
  4. ok website problem
    By russdev in forum Web Development
    Replies: 5
    Last Post: 31st March 2006, 12:12 PM
  5. Problem with copy of website
    By richard in forum Web Development
    Replies: 6
    Last Post: 6th February 2006, 12:06 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •