This question already has answers here:
How can I prevent SQL injection in PHP?
(27 answers)
Closed 4 years ago.
I'm trying to insert data into a mysql database, with the code below.
Problem is, my json code containing the value "R\u00f8nde" is changed to "Ru00f8nde" after I insert it into the database.
What is the best way to avoid this?
INSERT INTO jos_payplans_user(user_id, params) VALUES ('24882', '{"modtager":"Anders And","adresse":"Paradisaeblevej 111","postnr":"1234","by":"R\u00f8nde","telefon":"12345678","user_notes":""}')
In json itself avoid the slashes and insert in db
echo json_encode($value, JSON_UNESCAPED_SLASHES);
Related
This question already has answers here:
UTF-8 all the way through
(13 answers)
Closed 3 years ago.
I want to store arabic in mysql database but when I execute query it convert arabic to some numbers like u0645u0631u062du0628u0627
when I print this query in which $datas='hello'
insert into taxi_notification(user_id,message,datetime,type)
values(".$user_id.",'".$datas."',NOW(),'".$type."');
it converts it to
insert into taxi_notification(user_id,message,datetime,type)
values(1965,'\u0645\u0631\u062d\u0628\u0627',NOW(),'admin_notification')
I want to store Arabic string as it display in browser
You must have to change your collation as utf8_general_ci.
This question already has answers here:
How to use mysql_real_escape_string function in PHP
(6 answers)
How can I prevent SQL injection in PHP?
(27 answers)
Closed 5 years ago.
I have the following:
$did=$_GET['deptID'];
variable passed from 1st page and on 2nd page, the link is like and to get data MySQL query is:
$q= mysql_query("select DepName from dep where DepID='$did'")or die(mysql_error());
Now my question is how can I use the mysql_escape_string() function in this query?
This question already has answers here:
How to retrieve the last 4 characters from a mysql database field?
(4 answers)
Getting last 5 char of string with mysql query
(6 answers)
Query to select strings end with certain character
(6 answers)
Closed 5 years ago.
this is my data in the database and i'm using mysql
database image
How do I retreive number "4" from the data using sql command?
USE reverse and left
set #myfield = 1234;
select left(reverse(#myfield),1) as result;
result
4
demo here
http://rextester.com/LTBE34983
This question already has answers here:
python list in sql query as parameter [duplicate]
(16 answers)
Closed 8 years ago.
I'd like to build a query string with a variable length in where clause.
In PHP I might do this like
<?php
$vars=array('john','mike','matt');
$placeHolders=array_fill(0,sizeof($vars),'%s');
$whereClause=" name in (".join(',',$placeHolders).")";
Is there a concise Python translation of this in python
I think I'd use this to create the variable strings:
', '.join('%s' for _ in vars)
That eliminates the need to substring the result and gets you as many placeholders as you have values.
This question already has answers here:
How can I prevent SQL injection in PHP?
(27 answers)
quick function to replace ' with \' in php
(3 answers)
Closed 9 years ago.
How can I insert special characters like ♣ and é into a sql table?
When I try it I get the error below:
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near '] ♣ us3rnamé', '123456789',
'http://blabla.com/blabla/', 'http://' at line 1
The data type is text. I guess that shouldn't matter.
Try addslashes in php documentation
You probably need to tell the database you want to use a different character set. Try sending a query with SET NAMES 'utf8' right after you connect, and before you insert anything.