Im new to php and i have this code tested with XAMPP at backend
$name = addslashes ($_POST['name']);
$email = addslashes ($_POST['email']);
$paswd = addslashes ($_POST['paswd']);
$sql = "INSERT INTO webusers (username,email,paswd)VALUES('$name','$email','$paswd')";
and here's my code for displaying data include_once('dbcon.php');
$db = mysql_select_db('test');
$sql = "SELECT * FROM webusers";
$result = mysql_query($sql);
$urow = mysql_num_rows($result);
echo"
<table border='1'>
<th>ID</th>
<th>USERNAME</th>
<th>EMAIL</th>
<th>PASSWORD</th>
";
if($result > 0){
while($urow = mysql_fetch_array($result)){
echo "<tr>";
echo" <td class='myinput'>'" .$urow['id']. "'</td>";
echo" <td class='myinput'>'" .$urow['username']. "'</td>";
echo" <td class='myinput'>'" .$urow['email']. "'</td>";
echo" <td class='myinput'>'" .$urow['paswd']. "'</td>";
echo "</tr>";
echo"</table>";
}
}else{
echo"No record";
}
?>
Those code works, except for the data which surprise me why it has a single quote when i show/display it on a table. though i input the data in html . and my magic_quote_gpc was off. is there something i missed or anything wrong with my code? or there is something with my database collation?
i also tried mysql_real_escape_string and mysql_escape_string, nothings change.
thanks for the help.
Otep
