StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POError when saving to MySQL when field contains ' character
primarykey
Id
13916756
data
AcceptedAnswerId
13916810
AnswerCount
2
ClosedDate
CommentCount
2
CommunityOwnedDate
CreationDate
2012-12-17T15:13:28.603
FavoriteCount
0
LastActivityDate
2012-12-17T17:41:29.587
LastEditDate
2012-12-17T16:29:11.710
LastEditorUserId
50866
OwnerUserId
1907862
ParentId
0
PostTypeId
1
Score
1
ViewCount
194
LastEditorDisplayName
text
Body
<p>I have a form with PHP that saves a variable to a MySQL database. That form worked on a VPS, but when trying it on another VPS it gives an error when trying to write to the database when the field contains a ' character. So the same PHP code works on 1 VPS when the field contains a ' character, but not on the other VPS.</p> <p>Here it works: <a href="http://www.zoekmachineoptimalisatie.us/test.php" rel="nofollow">http://www.zoekmachineoptimalisatie.us/test.php</a> and here (it's the other VPS) it gives an error: <a href="http://www.onzebruidsfotograaf.nl/test.php" rel="nofollow">http://www.onzebruidsfotograaf.nl/test.php</a></p> <p>My form:</p> <pre><code><?php $hostname = "localhost"; //host name $dbname = "xxxxxxxx"; //database name $username = "xxxxxxxx"; //username you use to login to php my admin $password = "xxxxxxxx"; //password you use to login $conn = new MySQLi($hostname, $username, $password, $dbname); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <title>Untitled Document</title> </head> <body> <?php if (isset($_POST['Submit'])) { //if the submit button is clicked $title = $_POST['updatetitle']; $bookid = 1; $update = "UPDATE test SET Title='$title' WHERE BookID = " . $bookid; $conn->query($update) or die("Cannot update"); //update or error } ?> <?php $bookid = 1; $sql = "SELECT * FROM test WHERE BookID = '" . $bookid . "'"; $result = $conn->query($sql) or die(mysql_error()); $query = getenv(QUERY_STRING); parse_str($query); ?> <h2>Update Record <?php echo $bookid;?></h2> <form action="" method="post"> <?php while ($row = $result->fetch_assoc()) { ?> <textarea name="updatetitle" cols="100" rows="30"><?php echo $row['Title']; ?></textarea> <table border="0" cellspacing="10"> <tr> <td><INPUT TYPE="Submit" VALUE="Update the Record" NAME="Submit"></td> </tr> </table> <?php } ?> </form> <?php if ($update) { //if the update worked echo "<b>Update successful!</b>"; } ?> </body> </html> </code></pre>
Tags
<php><mysql><mysqli>
Title
Error when saving to MySQL when field contains ' character
singulars
PostAcceptedAnswerId
1. PO
  singulars
  PostTypePostTypeId
  PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USMark Davidson
UserOwnerUserId
1. USDimitri Visser
plurals
PostLinksPostIdRelatedPostId
1. PL
  singulars
  LinkTypeLinkTypeId
  LTLinked
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
  singulars
  PostTypePostTypeId
  PTAnswer
2. PO
  singulars
  PostTypePostTypeId
  PTAnswer
VotesPostIdCreationDate
1. VO
  singulars
  PostPostId
  POError when saving to MySQL when field contains ' character
  UserUserId
  This table or related slice is empty.
  VoteTypeVoteTypeId
  VTUpMod
2. VO
  singulars
  PostPostId
  POError when saving to MySQL when field contains ' character
  UserUserId
  This table or related slice is empty.
  VoteTypeVoteTypeId
  VTApproveEditSuggestion
CommentsPostId
1. CODo not use `query` when variables are involved with the SQL statement. Use `prepare`(, `bind`) and `execute`. See http://php.net/mysqli.prepare
  singulars
  PostPostId
  POError when saving to MySQL when field contains ' character
  UserUserId
  UShakre
2. COIt's called [SQL injection](http://bobby-tables.com), and you should learn about it before you go any farther with this code.
  singulars
  PostPostId
  POError when saving to MySQL when field contains ' character
  UserUserId
  USMarc B

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.