View unanswered posts | View active topics It is currently December 15th, 2017, 11:10 pm



Reply to topic  [ 1 post ] 
 QuickPHP escaping quotes in SQL statement 
Author Message

Joined: June 2nd, 2016, 2:53 pm
Posts: 1
Post QuickPHP escaping quotes in SQL statement
Hi,

Great little app you've packaged together here. It's helping simplify my setup.

I'm using it for a personal web based app I have developed. It's a bit of a mash up of things.

-- Running on Windows
-- using PHP web pages/forms, HTML, Javascript etc.
-- Backend is a simple Access database

I've been using the 'official' httpd from Apache and things have been working fine. I found QuickPHP in an attempt to minimize the footprint of the app and make it more portable.

One of the forms allows me to enter SQL directly into a textbox to then be executed and have the results returned in a table. The query is returned to the text box in case you want to modify it and try again. Nothing amazing and works just fine with httpd.exe.

With QuickPHP, the query has 'escape' backslashes added when there is a single or double quote in the SQL statement.

So

select top 5 from table where name = 'Something'

Turns into

select top 5 from table where name = \'Something\'

Obviously, this doesn't work and we get an SQL error.

(The same happens if I use a double quote - even though that is not valid in MS Access's SQL syntax.)

Since this works as expected with httpd.exe I can only assume the issue is somewhere in QuickPHP.

Anything you could do to address this would be appreciated. So far, it's the only thing that does not work - though I don't do much :-)

Thanks
Jamie


June 2nd, 2016, 3:09 pm
Profile
Display posts from previous:  Sort by  
Reply to topic   [ 1 post ] 

Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
cron
Powered by phpBB.