X-Cart forums - Quote mayhem

X-Cart forums (https://forum.x-cart.com/index.php)

- Changing design (https://forum.x-cart.com/forumdisplay.php?f=51)

- - Quote mayhem (https://forum.x-cart.com/showthread.php?t=3899)

Light Speed

08-05-2003 09:48 PM

Quote mayhem

In the text of a product description if I have double quotes on something like this:

"Me"

It works fine but if there is an apostraphe(single quote) like this within the doubles:

"I'm Me"

I get errors.

INVALID SQL: 1064 : You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '

magic_quotes_gpc is enabled so what could cause this?

Light Speed

08-12-2003 11:10 PM

Actually any single quote in description text ' gets an error.

Anybody have an idea of what is causing this please.

kpayne

08-13-2003 05:34 AM

Bad coding.

I don't know if magic_quotes_gpc covers single quotes as well as double. But, it cannot be set at run time (if that's how you're doing it), and it will be overriden by magic_quotes_sybase.

The easiest way is just to fix every instance you stumble across of bad SQL by manually adding "addslashes()" around variables before the query is run.

Light Speed

08-13-2003 09:34 AM

Thanks kpayne :)

Now how am I supposed to go through every php page to "fix" X-Cart's code? uuuuggggghhhh

The strange thing is this doesn't happen on an install I have of 3.3.3 but it does on my install of 3.4.3 on the same server so they broke it somehow :roll:

All times are GMT -8. The time now is 02:43 PM.