Using your variables and query, the following, based on one of my own
functional pages, the following should work:

$FF = addslashes($_POST[Cid]);

$info = mysql_query("Select * From customer Where customer.customer LIKE
'$FF' ");

Give it a shot. Hope this helps.

Rich

> -----Original Message-----
> From: ma [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, November 05, 2003 2:29 PM
> To: PHP-DB
> Subject: Re: [PHP-DB] Select Value with 's
> 
> 
> hi
> 
> hm - it would help if you'd send us the code where you 
> generate the query
> 
> _ma
> 
> # life would be easier if i knew the source code...
> 
> > Von: "Aleks @ USA.net" <[EMAIL PROTECTED]>
> > Datum: Wed, 5 Nov 2003 14:23:06 -0500
> > An: "'ma'" <[EMAIL PROTECTED]>, "'PHP-DB'" 
> <[EMAIL PROTECTED]>
> > Betreff: RE: [PHP-DB] Select Value with 's
> > 
> > Tried both... Still no joy...
> > 
> > The statement becomes
> > $info = mysql_query('Select * From customer Where 
> customer.customer LIKE St
> > Mary's Hospital');
> > 
> > Maybe I need to be a little clearer... Seem that the sql 
> statement is now
> > getting the correct value
> > But the extra ['] is confusing it....
> > 
> > 
> > -----Original Message-----
> > From: ma [mailto:[EMAIL PROTECTED]
> > Sent: Wednesday, November 05, 2003 2:07 PM
> > To: PHP-DB
> > Subject: Re: [PHP-DB] Select Value with 's
> > 
> > hi
> > 
> > ok - than make it this way:
> > 
> > $info = mysql_query( Select * From customer Where 
> customer.customer LIKE "St
> > Mary's Hospital");
> > 
> > anyways - shouldn't it be like this?:
> > 
> > $FF = "St Mary's Hospital";
> > $info = mysql_query('Select * From customer Where 
> customer.customer LIKE
> > "'.$FF.'"');
> > 
> > _ma
> > 
> > # life would be easier if i knew the source code...
> > 
> >> Von: "Aleks @ USA.net" <[EMAIL PROTECTED]>
> >> Datum: Wed, 5 Nov 2003 14:01:37 -0500
> >> An: "'ma'" <[EMAIL PROTECTED]>, "'PHP-DB'" 
> <[EMAIL PROTECTED]>
> >> Betreff: RE: [PHP-DB] Select Value with 's
> >> 
> >> Sorry I left out the exact form....
> >> 
> >> It is
> >> 
> >> $info = mysql_query( Select * From customer Where customer.customer
> >> LIKE 'St Mary's Hospital');
> >> 
> >> 
> >> 
> >> -----Original Message-----
> >> From: ma [mailto:[EMAIL PROTECTED]
> >> Sent: Wednesday, November 05, 2003 1:56 PM
> >> To: PHP-DB
> >> Subject: Re: [PHP-DB] Select Value with 's
> >> 
> >> hi
> >> 
> >> think you should use ' when you create the query and " in the
> >> SQL-statement for comparison:
> >> 
> >> $qry = 'SELECT *
> >> FROM customer
> >> WHERE customer.customer LIKE "'.$FF.'"';
> >> 
> >> _ma
> >> 
> >> # life would be easier if i knew the source code...
> >> 
> >>> Von: "Aleks @ USA.net" <[EMAIL PROTECTED]>
> >>> Datum: Wed, 5 Nov 2003 13:52:51 -0500
> >>> An: "'CPT John W. Holmes'" <[EMAIL PROTECTED]>, "'ma'"
> >>> <[EMAIL PROTECTED]>, "'PHP-DB'" <[EMAIL PROTECTED]>
> >>> Betreff: RE: [PHP-DB] Select Value with 's
> >>> 
> >>> Thanks John for the answer.... But...
> >>> 
> >>> Now my select statement on the Result.php page errors out when The
> >>> value has the [']in it..... What the select statement 
> looks like now
> >>> Is
> >>> 
> >>> Select *
> >>> From customer
> >>> Where customer.customer LIKE 'St Mary's Hospital'
> >>> 
> >>> Error message is
> >>> 
> >>> Warning mysql_fetch_array(): supplied argument is not a 
> valid MySQL
> >>> result
> >>> 
> >>> 
> >>> 
> >>> 
> >>> 
> >>> -----Original Message-----
> >>> From: CPT John W. Holmes [mailto:[EMAIL PROTECTED]
> >>> Sent: Wednesday, November 05, 2003 1:45 PM
> >>> To: Aleks @ USA.net; 'ma'; 'PHP-DB'
> >>> Subject: Re: [PHP-DB] Select Value with 's
> >>> 
> >>> From: "Aleks @ USA.net" <[EMAIL PROTECTED]>
> >>>> First I build my select list:
> >>>> 
> >>>>     <SELECT NAME="Cid" size="1">
> >>>>     <OPTION Selected VALUE="">All Customers</OPTION>
> >>>> 
> >>>> <?
> >>>>  While ($Site = mysql_fetch_array($S))  {
> >>>>   $Sid = $Site["CID"];
> >>>>   $SName = htmlspecialchars($Site["Customer"]);
> >>>>   echo("<option value='$SName'>$SName</options>\n");
> >>> 
> >>> Easy fix: echo("<option value=\"$SName\">$SName</options>\n");
> >>> 
> >>> Long version:
> >>> 
> >>> htmlspecialchars() does not change single quotes unless you pass
> >>> ENT_QUOTES as the second parameter. What you're ending up 
> with is a
> >>> value
> >> such as:
> >>> 
> >>> value='St. Mary's'
> >>> 
> >>> which, HTML will interpret as a value of "St. Mary" and 
> an unknown s'
> >>> attribute. So,
> >>> 
> >>> $SName = htmlspecialchars($Site["Customer"], ENT_QUOTES);
> >>> echo("<option value='$SName'>$SName</options>\n");
> >>> 
> >>> will convert single quotes to HTML entities and not 
> affect the value.
> >>> 
> >>> The "easy fix" above works because it uses double quotes 
> around the
> >>> value and htmlspecialchars() already changes double 
> quotes by default.
> >>> 
> >>> ---John Holmes...
> >>> 
> >> 
> >> --
> >> PHP Database Mailing List (http://www.php.net/) To 
> unsubscribe, visit:
> >> http://www.php.net/unsub.php
> >> 
> >> --
> >> PHP Database Mailing List (http://www.php.net/) To 
> unsubscribe, visit:
> >> http://www.php.net/unsub.php
> >> 
> > 
> > --
> > PHP Database Mailing List (http://www.php.net/) To 
> unsubscribe, visit:
> > http://www.php.net/unsub.php
> > 
> > -- 
> > PHP Database Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> > 
> 
> -- 
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 
> 

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to