douzhui1972
2016-01-30 16:16
浏览 146
已采纳

使用单引号或双引号插入或发布数据时出现问题

Still very new to mysqli / php and am building a form for data entry. When I post the data and then go back to view it, anytime there was a single quote (') or double-quote ("), it down displays with a slash in front of it.

For example, if I insert Hadrian's Wall, it comes back and displays as Hadrian\'s Wall. How would one have it display as it was originally intended.

Also, each time I update it, it adds more slashes. So the first time I updated Hadrian's Wall, it became Hadrian\'s Wall. The second time it became Hadrian\'s Wall, the third time it became Hadrian\\'s Wall and so on.

My post.php file code is:

<?php

define('DB_SERVER', "*****");
define('DB_USER', "*****");
define('DB_PASSWORD', "*****");
define('DB_TABLE', "*****");

// The procedural way
$mysqli = mysqli_connect(DB_SERVER, DB_USER, DB_PASSWORD, DB_TABLE);
$mysqli->set_charset("utf8");
$mysqli->query("SET NAMES 'utf8'");

if (mysqli_connect_errno($mysqli)) {
    trigger_error('Database connection failed: '  . mysqli_connect_error(), E_USER_ERROR);
}

$lvmID = $_POST['lvmID']; 
$toestelID = $_POST['toestelID']; 
$toestel = $_POST['toestel'];
$erlr = $_POST['erlr'];
$inschrijvingnmr = $_POST['inschrijvingnmr'];
$status = $_POST['status'];
$cn = $_POST['cn'];
$ln = $_POST['ln'];
$delivered = $_POST['delivered'];
$vliegtuignaam = $_POST['vliegtuignaam'];
$became = $_POST['became'];
$vorigeLVMID = $_POST['vorigeLVMID'];
$vorigeInschrijv = $_POST['vorigeInschrijv'];
$firstflight = $_POST['firstflight'];
$engines = $_POST['engines'];
$configuratie = $_POST['configuratie'];
$remark = $_POST['remark'];
$specialekleuren = $_POST['specialekleuren'];
$fleetnmr = $_POST['fleetnmr'];
$inactive = $_POST['inactive'];
$exitdate = $_POST['exitdate'];
$beeld = $_POST['beeld'];
$beeld_linkje = $_POST['beeld_linkje'];
$beeld_copyright = $_POST['beeld_copyright'];
$photouse_approve = $_POST['photouse_approve'];
$photouse_approve_date = $_POST['photouse_approve_date'];
$beeld_comment = $_POST['beeld_comment'];
$seatmap = $_POST['seatmap'];
$id = $_POST['id'];

$sql = "
UPDATE tbl_vliegtuiggegevens SET lvmID=?, toestelID=?, toestel=?, erlr=?, inschrijvingnmr=?, status=?, cn=?, ln=?, delivered=?, vliegtuignaam=?, became=?, vorigeLVMID=?, vorigeInschrijv=?, firstflight=?, engines=?, configuratie=?, remark=?, specialekleuren=?, fleetnmr=?, inactive=?, exitdate=?, beeld=?, beeld_linkje=?, beeld_copyright=?, photouse_approve=?, photouse_approve_date=?, beeld_comment=?, seatmap=? WHERE vliegtuiggegevenID=?";
if(!($stmt = $mysqli->prepare($sql)))
{
  die("Unable to prepare statement");
}
else
{
  $stmt->bind_param("iisssssssssisssssssissssssssi", $lvmID, $toestelID, $toestel, $erlr, $inschrijvingnmr, $status, $cn, $ln, $delivered, $vliegtuignaam, $became, $vorigeLVMID, $vorigeInschrijv, $firstflight, $engines, $configuratie, $remark, $specialekleuren, $fleetnmr, $inactive, $exitdate, $beeld, $beeld_linkje, $beeld_copyright, $photouse_approve, $photouse_approve_date, $beeld_comment, $seatmap, $id);    
  if($stmt->execute())
  {
    echo "Successfully updated";
  }
  else
  {
    die("Update failed");
  }
}

mysqli_close($mysqli);

?>

On the form page that I use to enter the data, my code for one of the forms fields is:

 <input type="text" name="vliegtuignaam" size="40" value="<? echo   
 "$row[vliegtuignaam]"?>">

On the display page, this same field for display would be:

 <td><strong>Vliegtuignaam: </strong></td>
 <td><? echo "$row[vliegtuignaam]"?></td>   

When I try something like it just outputs stripslashes(Hadrian\'s Wall) instead of Hadrian's Wall.

  • 写回答
  • 好问题 提建议
  • 追加酬金
  • 关注问题
  • 邀请回答

1条回答 默认 最新

  • dongwo5589 2016-01-30 16:48
    最佳回答

    "When I try something like it just outputs stripslashes(Hadrian\'s Wall)"

    What you probably tried to do was <td><? echo "stripslashes($row[vliegtuignaam])"?></td> which is incorrect.

    That is why it's showing you the function name because the function is set inside quotes.

    What you need to use is:

    <td><? echo stripslashes($row['vliegtuignaam']);?></td>
    

    or

    <td><? echo stripslashes($row[vliegtuignaam]);?></td>
    

    if the quotes inside the array gives you a hard time.

    As per an example in the manual http://php.net/manual/en/function.stripslashes.php

    echo stripslashes($str);
    

    Full example:

    <?php
    $str = "Is your name O\'reilly?";
    
    // Outputs: Is your name O'reilly?
    echo stripslashes($str);
    ?>
    

    What you could do and as another option, would be to use stripslashes() on the variable(s) before it gets to the query.

    $str = "Is your name O\'reilly?";
    
    $newstring = stripslashes($str);
    

    then go ahead with the insert.

    评论
    解决 无用
    打赏 举报

相关推荐 更多相似问题