mysql - ckeditor storing datas php -


it's new me use richtext user has able insert pictures or change text. i'm using ckeditor i've trouble it. when user write rich text can write things using apostrophe , comas. i'll use example. let's imagine want write :

it's quite difficult open picture, file  blablabla 

the problem in inserting query looks

insert tab (txt1,txt2) values ('value1','value2')  

if user uses comas or apostrophe richtext cannot correctly inserted. moreover, use longtext in mysql database store text.

my questions :

  • how store richtext written user
  • what type should column in mysql database correctly store richtext able give back

the problem have

    erreur sql !insert detail_article(id,problem,num,url,solving,description) values(16,'chrome : clearing datas',4,'','      \r\nchrome cache clearing :      \r\n\r\n    blablabala      \r\n\r\n     in 'windows explorer', fallowing statment....blablabla       \r\n','') 

it's sample of text think problem caused quotes , coma

your problem must come php script seems not escape pieces of data send.

if it's not working richtext containing commas , apostrophes, it's query send database isn't escape.

for example, if have such content :

$value2 = "catch',em all"; $value1 = "hello boys"; 

and if try store in database without escaping it, resulting sql query looks :

insert tab (value1, value2) values ('hello boys', 'catch', em all); 

which incorrect sql statement because of incorrect syntax.

if use escape method pdo::quote(), input inserted in safe way won't produce error (syntax).

make sure script escape params send either pdo::quote() (https://php.net/manual/fr/pdo.quote.php) or either mysqli_real_escape_string (http://php.net/manual/fr/mysqli.real-escape-string.php)


Comments

Popular posts from this blog

c++ - Difference between pre and post decrement in recursive function argument -

php - Nothing but 'run(); ' when browsing to my local project, how do I fix this? -

php - How can I echo out this array? -