mysql - ckeditor storing datas php -
it's new me use richtext user has able insert pictures or change text. i'm using ckeditor i've trouble it. when user write rich text can write things using apostrophe , comas. i'll use example. let's imagine want write :
it's quite difficult open picture, file blablabla
the problem in inserting query looks
insert tab (txt1,txt2) values ('value1','value2')
if user uses comas or apostrophe richtext cannot correctly inserted. moreover, use longtext
in mysql database store text.
my questions :
- how store richtext written user
- what type should column in mysql database correctly store richtext able give back
the problem have
erreur sql !insert detail_article(id,problem,num,url,solving,description) values(16,'chrome : clearing datas',4,'',' \r\nchrome cache clearing : \r\n\r\n blablabala \r\n\r\n in 'windows explorer', fallowing statment....blablabla \r\n','')
it's sample of text think problem caused quotes , coma
your problem must come php script seems not escape pieces of data send.
if it's not working richtext containing commas , apostrophes, it's query send database isn't escape.
for example, if have such content :
$value2 = "catch',em all"; $value1 = "hello boys";
and if try store in database without escaping it, resulting sql query looks :
insert tab (value1, value2) values ('hello boys', 'catch', em all);
which incorrect sql statement because of incorrect syntax.
if use escape method pdo::quote(), input inserted in safe way won't produce error (syntax).
make sure script escape params send either pdo::quote() (https://php.net/manual/fr/pdo.quote.php) or either mysqli_real_escape_string (http://php.net/manual/fr/mysqli.real-escape-string.php)
Comments
Post a Comment