What I have already is a script that will log in to MySQL, select the appropriate database, and then will save the information into that database. The input is retrieved from a textbox where the user types in whatever they want.
CODE
mysql_query("INSERT INTO posts (User, Content, Time, Date, postnum)
VALUES ('" .$user. "', '" .$input. "', '" .$time. "' , '" .$date. "' , NULL)");
CODE
$result = mysql_query("SELECT * FROM posts");
while ($row = mysql_fetch_array ($result))
{
echo $row['User'] . " said: <br />" . $row['Content'] . "<br /> at " .$row['Time'] . " on " . $row['Date'] . "<br />";
echo "<br />";
}
The problem is that whenever they enter a single quotation mark (') it doesn't write to my database.
Also, if they enter in a line break (enter), it will not echo it properly (although I do believe it is saving it properly). It will simply ignore the line break and put it on the same line.
Thanks in advance,
Brandon
| 