+ Post New Thread
Results 1 to 5 of 5
Web Development Thread, MySQL query error if quotes are used in Coding and Web Development; I'm getting a bit puzzled by this. We have a mentor system so that the teachers can add mentor sessions, ...
  1. #1
    cromertech's Avatar
    Join Date
    Dec 2007
    Location
    Cromer by the coast
    Posts
    731
    Thank Post
    177
    Thanked 109 Times in 97 Posts
    Rep Power
    54

    MySQL query error if quotes are used

    I'm getting a bit puzzled by this. We have a mentor system so that the teachers can add mentor sessions, concerns and follow up data. This has been sent to us from another school and I have adapted it to our needs.
    If they add a concern that contains quotes (' or ") it throws a wobbly and the following error appears

    Code:
    Query INSERT INTO tutorial_data (student_id, tutorial_date, teacher_id, details) VALUES ('9990', now(), 'admin', ';'' )
    Result You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '';'' )' at line 2
    I have a copy of this system on my computer and do not get this error. My guess is it's something to do with the configuration of php/MySQL somewhere but I have no idea where to start.

    Works fine without quotes so it's getting stuck with not escaping the characters correctly.

    Can someone point me in the right direction on this as web coding is not a strong point of mine.

  2. #2
    damien.deakes's Avatar
    Join Date
    Sep 2007
    Location
    Doncaster
    Posts
    60
    Thank Post
    12
    Thanked 3 Times in 3 Posts
    Rep Power
    15
    You need to use htmlspecialchars to strip special characters out eg...

    PHP Code:
    <?php
    $new 
    htmlspecialchars("<a href='test'>Test</a>"ENT_QUOTES);
    echo 
    $new// &lt;a href='test'&gt;Test&lt;/a&gt;
    ?>
    Hope that helps

  3. Thanks to damien.deakes from:

    cromertech (19th October 2011)

  4. #3
    cromertech's Avatar
    Join Date
    Dec 2007
    Location
    Cromer by the coast
    Posts
    731
    Thank Post
    177
    Thanked 109 Times in 97 Posts
    Rep Power
    54
    There must be another way as I have two of these systems running on different machines and only get the problem on one.

    something in php.in to make this a global setting?

  5. #4
    cromertech's Avatar
    Join Date
    Dec 2007
    Location
    Cromer by the coast
    Posts
    731
    Thank Post
    177
    Thanked 109 Times in 97 Posts
    Rep Power
    54
    Just in case someone else has this problem the relevant options in php.ini are

    magic_quotes_gpc = On and
    magic_quotes_runtime = On

    This makes php automatically escape characters that would otherwise cause these errors.

  6. #5


    Join Date
    May 2009
    Posts
    3,212
    Thank Post
    284
    Thanked 864 Times in 646 Posts
    Rep Power
    336
    There is a setting : magic_quotes_gpc, which might be the cause of the difference. It's deprecated as of 5.3.0 though. Use mysql_real_escape_string() in the code to deal with data that may contain quotes.

  7. Thanks to pcstru from:

    cromertech (19th October 2011)

SHARE:
+ Post New Thread

Similar Threads

  1. Those of you that are using Citrix for SBC...
    By thewlis in forum Thin Client and Virtual Machines
    Replies: 3
    Last Post: 5th March 2009, 03:43 PM
  2. Replies: 4
    Last Post: 26th February 2009, 11:21 AM
  3. MySql Query - Count chracters
    By danIT in forum Scripts
    Replies: 1
    Last Post: 17th October 2008, 02:17 PM
  4. Simple MySql Query
    By danIT in forum Coding
    Replies: 1
    Last Post: 24th September 2008, 07:19 PM
  5. Client's Are using .bat files.
    By Lesley_tech in forum General Chat
    Replies: 2
    Last Post: 13th June 2008, 04:09 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •