Home/ Questions/Q 8380767
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-09T16:32:26+00:00

I have a text area input and I’m trying to send to my database

  • 0

I have a text area input and I’m trying to send to my database

“istanbul’un kanayan yarası olan ulaşım, özellikle anadolu yakasından kartal’dan kadıköy’e ulaşımın neredeyse 2 saate varması yüzünden perişan. devletin de politikaları aşikar. 17 ağustos günü verilen söz tutulur mu merak ediyoruz.”

text.

it goes to > 

$bahisaciklamax = $_POST["bahisaciklama"];
$bbb=str_replace("\r\n", "<br />", $bahisaciklamax);
$bahisaciklama=strtolower(strip_tags($bbb, '<br><br /><br/><br />'));

and giving this error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'un kanayan yarası olan ulaşım, özellikle anadolu yakasından kartal'dan kadıköy'e' at line 1

How can I solve this issue?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Your code is prone to SQL Injection. Use PDO or MYSQLI

    Example of using PDO extension:

    <?php

    $dbh = new PDO('mysql:host=localhost;dbname=test', $user, $pass);
    $stmt = $dbh->prepare("INSERT INTO REGISTRY (name, value) VALUES (?, ?)");
    $stmt->bindParam(1, $name);
    $stmt->bindParam(2, $value);

    // insert one row
    $name = 'one';
    $value = 1;
    $stmt->execute();

?>

    this will allow you to insert records with single quotes.

    • 0