Re: Re(2): Test (fwd)
| От | Mitch Vincent |
|---|---|
| Тема | Re: Re(2): Test (fwd) |
| Дата | |
| Msg-id | 004601c0f525$8b7d3e90$0200000a@Mitch обсуждение исходный текст |
| Ответ на | Test (fwd) (Chadwick Rolfs <c2304182@webdevel.urban.csuohio.edu>) |
| Ответы |
Re: Re(2): Test (fwd)
(Frank Joerdens <frank@joerdens.de>)
|
| Список | pgsql-php |
The apostrophe being a special character in PostgreSQL (and most other
databases), it needs to be escaped if you wish it to go nicely into a
query..
addslashes() and related functions will help there.
Another thing to keep in mine is htmlspecialchars() -- it's very useful
when someone might put a double quote in your form field -- which could
seriously mess up when you have something like <INPUT TYPE="TEXT"
NAME="Whatever" VALUE="this is what I'm "talking" about"> , sort of thing.
I missed the first post so please excuse me if I'm way off base.. Good
luck!
-Mitch
----- Original Message -----
From: "Adam Lang" <aalang@rutgersinsurance.com>
To: <pgsql-php@postgresql.org>
Sent: Thursday, June 14, 2001 1:28 PM
Subject: Re: Re(2): [PHP] Test (fwd)
> It could fluctuate on each database, so always check the appropriate
> documentation, but...
>
> the standard way usually is to double the apostrophe
>
> O'Brien would be O''Brien (the middle is two apostrophes, not a quote)
>
> Adam Lang
> Systems Engineer
> Rutgers Casualty Insurance Company
> http://www.rutgersinsurance.com
> ----- Original Message -----
> From: "Gary Hoffman" <ghoffman@ucsd.edu>
> To: <pgsql-php@postgresql.org>
> Cc: <aalang@rutgersinsurance.com>
> Sent: Thursday, June 14, 2001 1:12 PM
> Subject: Re(2): [PHP] Test (fwd)
>
>
> > aalang@rutgersinsurance.com writes:
> > >
> > >Plus, you have to make sure to check for apostrophes. That will break
> > >your
> > >SQL statement if someone typed them into the text field.
> > >
> >
> > Well, this caveat had never occured to me. So how does someone enter
> > strings with enclosed apostrophes, as in the Irish surname O'Mallory or
> > the Yemeni placename Sana'a?
> >
> > Gary
> >
> >
**************************************************************************
> > * Gary B. Hoffman, Computing Services Manager e-mail: ghoffman@ucsd.edu
*
> > * Graduate School of International Relations and Pacific Studies (IR/PS)
*
> > * University of California, San Diego (UCSD) voice: (858) 534-1989
*
> > * 9500 Gilman Dr. MC 0519 fax: (858) 534-3939
*
> > * La Jolla, CA 92093-0519 USA web: http://www-irps.ucsd.edu/
*
> >
**************************************************************************
> >
> >
>
>
> ---------------------------(end of broadcast)---------------------------
> TIP 4: Don't 'kill -9' the postmaster
>
В списке pgsql-php по дате отправления: