Okay, so I've been using the code that I learned from you good people in the last thread I posted on the subject. However, there was a part of it that never worked correctly.
To refresh, I needed a simple journal type tool for my site. With your help, I created a form that, when filled out, would update the database, and another script that would display the contents of that database. There was just one problem with the first part.
Here is the code for the form:
<form action="input.php" method="POST">
<h2>Title:</h2> <input type="text" name="title" /><br><br>
<h2>Entry text:</h2> <textarea rows="10" cols="30" name="body"></textarea><br>
<input type="submit" value="Submit">
</form>
And here is the code for the script that processes the data from the form:
<?php
mysql_connect ("localhost", "weblog", "allowat");
mysql_select_db("weblog");
$blogtime= time();
mysql_query("INSERT INTO article (`timestamp`, `title`, `body`)
values ('$blogtime', '$title', '$body')");?>
The problem is this: whenever a single quote is entered into either field and the form is submitted, the whole thing breaks/quits. Nothing is entered into the database, and the script exits normally (apparently).
David was helping me with this before, and he suggested using this to convert characters to HTML entities:
example:
$body=htmlentities($body);
Unfortunately, that didn't work.
Any ideas?