Hi
I want to filter a form input for html/and php tags.
so far i've got this:
$Text = htmlspecialchars($Text);
$Text = nl2br($Text);
$Text = ereg_replace("\n","",$Text);
This is my query:
$query = "INSERT INTO Reactie VALUES ('$Submitter', '$ReactionDateTime', '$UserEmail', '$Text', '$NewsID')";
The problem is that if $Text contains a 'character it will cause an error in the query
example
$text = " Test ' character";
So the actual query would be:
$query = "INSERT INTO Reactie VALUES ('$Submitter', '$ReactionDateTime', '$UserEmail', 'Test ' character', '$NewsID')";
Notice the ' character will close the $Text input and leaving a ' character lonely (after the word character).
Please help me, thanx in advance
I want to filter a form input for html/and php tags.
so far i've got this:
$Text = htmlspecialchars($Text);
$Text = nl2br($Text);
$Text = ereg_replace("\n","",$Text);
This is my query:
$query = "INSERT INTO Reactie VALUES ('$Submitter', '$ReactionDateTime', '$UserEmail', '$Text', '$NewsID')";
The problem is that if $Text contains a 'character it will cause an error in the query
example
$text = " Test ' character";
So the actual query would be:
$query = "INSERT INTO Reactie VALUES ('$Submitter', '$ReactionDateTime', '$UserEmail', 'Test ' character', '$NewsID')";
Notice the ' character will close the $Text input and leaving a ' character lonely (after the word character).
Please help me, thanx in advance