Re: Select Value with 's

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



hi

ok - than make it this way:

$info = mysql_query( Select * From customer Where customer.customer LIKE "St
Mary's Hospital");

anyways - shouldn't it be like this?:

$FF = "St Mary's Hospital";
$info = mysql_query('Select * From customer Where customer.customer LIKE
"'.$FF.'"');

_ma

# life would be easier if i knew the source code...

> Von: "Aleks @ USA.net" <Aleks.k@xxxxxxx>
> Datum: Wed, 5 Nov 2003 14:01:37 -0500
> An: "'ma'" <grillen@xxxxxxxxxxxxxx>, "'PHP-DB'" <php-db@xxxxxxxxxxxxx>
> Betreff: RE:  Select Value with 's
> 
> Sorry I left out the exact form....
> 
> It is
> 
> $info = mysql_query( Select * From customer Where customer.customer LIKE 'St
> Mary's Hospital');
> 
> 
> 
> -----Original Message-----
> From: ma [mailto:grillen@xxxxxxxxxxxxxx]
> Sent: Wednesday, November 05, 2003 1:56 PM
> To: PHP-DB
> Subject: Re:  Select Value with 's
> 
> hi
> 
> think you should use ' when you create the query and " in the SQL-statement
> for comparison:
> 
> $qry = 'SELECT *
> FROM customer
> WHERE customer.customer LIKE "'.$FF.'"';
> 
> _ma 
> 
> # life would be easier if i knew the source code...
> 
>> Von: "Aleks @ USA.net" <Aleks.k@xxxxxxx>
>> Datum: Wed, 5 Nov 2003 13:52:51 -0500
>> An: "'CPT John W. Holmes'" <holmes072000@xxxxxxxxxxx>, "'ma'"
>> <grillen@xxxxxxxxxxxxxx>, "'PHP-DB'" <php-db@xxxxxxxxxxxxx>
>> Betreff: RE:  Select Value with 's
>> 
>> Thanks John for the answer.... But...
>> 
>> Now my select statement on the Result.php page errors out when The
>> value has the [']in it..... What the select statement looks like now
>> Is
>> 
>> Select *
>> From customer
>> Where customer.customer LIKE 'St Mary's Hospital'
>> 
>> Error message is
>> 
>> Warning mysql_fetch_array(): supplied argument is not a valid MySQL
>> result
>> 
>> 
>> 
>> 
>> 
>> -----Original Message-----
>> From: CPT John W. Holmes [mailto:holmes072000@xxxxxxxxxxx]
>> Sent: Wednesday, November 05, 2003 1:45 PM
>> To: Aleks @ USA.net; 'ma'; 'PHP-DB'
>> Subject: Re:  Select Value with 's
>> 
>> From: "Aleks @ USA.net" <Aleks.k@xxxxxxx>
>>> First I build my select list:
>>> 
>>>     <SELECT NAME="Cid" size="1">
>>>     <OPTION Selected VALUE="">All Customers</OPTION>
>>> 
>>> <?
>>>  While ($Site = mysql_fetch_array($S))  {
>>>   $Sid = $Site["CID"];
>>>   $SName = htmlspecialchars($Site["Customer"]);
>>>   echo("<option value='$SName'>$SName</options>\n");
>> 
>> Easy fix: echo("<option value=\"$SName\">$SName</options>\n");
>> 
>> Long version:
>> 
>> htmlspecialchars() does not change single quotes unless you pass
>> ENT_QUOTES as the second parameter. What you're ending up with is a value
> such as:
>> 
>> value='St. Mary's'
>> 
>> which, HTML will interpret as a value of "St. Mary" and an unknown s'
>> attribute. So,
>> 
>> $SName = htmlspecialchars($Site["Customer"], ENT_QUOTES);
>> echo("<option value='$SName'>$SName</options>\n");
>> 
>> will convert single quotes to HTML entities and not affect the value.
>> 
>> The "easy fix" above works because it uses double quotes around the
>> value and htmlspecialchars() already changes double quotes by default.
>> 
>> ---John Holmes...
>> 
> 
> --
> PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit:
> http://www.php.net/unsub.php
> 
> -- 
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [PHP Users]     [Postgresql Discussion]     [Kernel Newbies]     [Postgresql]     [Yosemite News]

  Powered by Linux