apostrophe in field name causes edit problem

This topic is locked

apostrophe in field name causes edit problem	7/15/2007 3:09:56 PM
PHPRunner General questions
M mrpeeble author Using build 258 when a record is created with an apostrophe ( o'malley) the record saves with no error. If you then go to edit the record you get an error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'malley','test','555555555','73','2007-07-15','', '', 'test', '','','kmcspad','')' at line 1 This is a general error. It occurs when there is an error in event code or in SQL. If you then remove the apostrophe from the field name, the record saves with no error. Where do we fix this in code?

Mark as Solved Mark as not solved

6 replies


	Alexey admin 7/16/2007
	Hi, do you have any events on your Edit page ? Looks like you have an error in your event code. Inspect and fix your code.


M	mrpeeble author 7/16/2007
	Hi, do you have any events on your Edit page ? Looks like you have an error in your event code. Inspect and fix your code. I have events in the fr_activefile_events.php file but I cannot see anything wrong with the code, it retrieves and saves records okay. Is it somewhere else? <?php function BeforeAdd(&$values) { { $values["MyUserID"]=$_SESSION["UserID"]; } return true; } ?> <?php function BeforeEdit(&$values, $where) { // Insert a record into another table ****** global $conn; $strSQLInsert = "insert into fr_activefile_audit (DateRequested, Surname, MemberID, Requestor, FileLocated, Comments, MyUserID, Livelink) values ('".$values["DateRequested"]."','".$values["Surname"]."','".$values["MemberID"]."','".$values["Requestor"]."','".$values["FileLocated"]."','".$values["Comments"]."','".$_SESSION["UserID"]."', '".$values["Livelink"]."')"; db_exec($strSQLInsert,$conn); $values["MyTimeStamp"] = now(); return true; } ?>


J	Jane 7/16/2007
	This error happens in the BeforeEdit event. You need to replace all apostrophes with \' in the field values in your query: $values["Surname"]= str_replace("'","\'",$values["Surname"]);


M	mrpeeble author 8/30/2007
	This error happens in the BeforeEdit event. You need to replace all apostrophes with \' in the field values in your query: Jane, thanks that works good! My users however, stay up at night to dream up new ways to make my life miserable. To prevent them from screwing up the Surname sort order I also had to remove spaces they insert before they type a name and change first letter to upper case. My code now looks like this in BeforeEdit: $values["Surname"]= str_replace("'","\'",TRIM(UCWORDS($values["Surname"]))); This works great for saving records, but entries in the list page come out looking like: O\'Malley To clean this up on the list page, I use the following: $row[$col."Surname_value"]=stripslashes($value); This cleans the slashes nicely on the list page. The problem I am having now is on the edit page the record still displays as O\'Malley. Where do I insert the stripslashes for the edit page?


	Alexey admin 8/31/2007
	Hi, please ignore the previoius advice. Don't use str_replace or strip_slashes in your code. To get your pages working modify BeforeEdit event it this way: global $conn; $strSQLInsert = "insert into fr_activefile_audit (DateRequested, Surname, MemberID, Requestor, FileLocated, Comments, MyUserID, Livelink) values ('". $values["DateRequested"]."','". db_addslashes($values["Surname"])."','". db_addslashes($values["MemberID"])."','". db_addslashes($values["Requestor"])."','". db_addslashes($values["FileLocated"])."','". db_addslashes($values["Comments"])."','". db_addslashes($_SESSION["UserID"])."', '". db_addslashes($values["Livelink"])."')"; db_exec($strSQLInsert,$conn); $values["MyTimeStamp"] = now(); return true;


M	mrpeeble author 8/31/2007
	Hi, please ignore the previoius advice. Don't use str_replace or strip_slashes in your code. To get your pages working modify BeforeEdit event it this way: That fixes the "\" on the edit pages nicely, thank you! To remove the extra spaces my users are inserting and the sort order fix for mixed case entries I am still using the following in BeforeEdit before the code you suggested: $values["Surname"]= TRIM(UCWORDS($values["Surname"])); I can see the TRIM being necessary as an added feature, I will certainly have to use it in most of my phprunner apps. The UCWORDS may not be as popular but it does fix the sort order problem.

6 replies

Mark as Solved Reply