This question already has answers here:
How can I prevent SQL injection in PHP?
(27 answers)
Closed 4 years ago.
How can I select a row in MySQL db where the value of a column contains ' and \ ?
For example, I want to select a column that matches this types of string:
https://www.mayoclinic.org/diseases-conditions/hirschsprung\'s-disease/symptoms-causes/syc-20351556
What can I do to achieve what I want?
This should work, both characters must be escaped into the query:
SELECT * FROM `urls` WHERE text LIKE "%\\\\\'%"
Related
This question already has answers here:
How can I prevent SQL injection in PHP?
(27 answers)
Closed 4 years ago.
I'm trying to insert data into a mysql database, with the code below.
Problem is, my json code containing the value "R\u00f8nde" is changed to "Ru00f8nde" after I insert it into the database.
What is the best way to avoid this?
INSERT INTO jos_payplans_user(user_id, params) VALUES ('24882', '{"modtager":"Anders And","adresse":"Paradisaeblevej 111","postnr":"1234","by":"R\u00f8nde","telefon":"12345678","user_notes":""}')
In json itself avoid the slashes and insert in db
echo json_encode($value, JSON_UNESCAPED_SLASHES);
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(1 answer)
Reference - What does this error mean in PHP?
(38 answers)
Closed 5 years ago.
This is the php code thats getting the record from view
the html code
the update code which z not working
First Read This Documentation
Notice the WHERE clause in the UPDATE syntax: The WHERE clause
specifies which record or records that should be updated. If you omit
the WHERE clause, all records will be updated!
$sql = "UPDATE table SET field = '$variable',field2 = '$variable2'";
In Your code problem is in your update query. check that manualy.
This question already has answers here:
How to use mysql_real_escape_string function in PHP
(6 answers)
How can I prevent SQL injection in PHP?
(27 answers)
Closed 5 years ago.
I have the following:
$did=$_GET['deptID'];
variable passed from 1st page and on 2nd page, the link is like and to get data MySQL query is:
$q= mysql_query("select DepName from dep where DepID='$did'")or die(mysql_error());
Now my question is how can I use the mysql_escape_string() function in this query?
This question already has answers here:
How to retrieve the last 4 characters from a mysql database field?
(4 answers)
Getting last 5 char of string with mysql query
(6 answers)
Query to select strings end with certain character
(6 answers)
Closed 5 years ago.
this is my data in the database and i'm using mysql
database image
How do I retreive number "4" from the data using sql command?
USE reverse and left
set #myfield = 1234;
select left(reverse(#myfield),1) as result;
result
4
demo here
http://rextester.com/LTBE34983
This question already has answers here:
How can I prevent SQL injection in PHP?
(27 answers)
quick function to replace ' with \' in php
(3 answers)
Closed 9 years ago.
How can I insert special characters like ♣ and é into a sql table?
When I try it I get the error below:
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near '] ♣ us3rnamé', '123456789',
'http://blabla.com/blabla/', 'http://' at line 1
The data type is text. I guess that shouldn't matter.
Try addslashes in php documentation
You probably need to tell the database you want to use a different character set. Try sending a query with SET NAMES 'utf8' right after you connect, and before you insert anything.