my array does not return the ‘ value like D’Souza
$query= "select vmname,guid,hostid,guestosname from vmobjects";
AddLog("infrastructure.php","Query: ".$query,ERR_DEBUG_LOW);
$result = pg_query($conn,$query);
$no_records=pg_num_rows($result);
$j=$no_records;
$i=0;
while($row = pg_fetch_array($result))
{
if($row[3]=="")
{
$vmobj_Array[$i]=$row[0].'***'.$row[1].'***'.$row[2];
}
else
{
$vmobj_Array[$i]=$row[0].'***'.$row[1].'***'.$row[2];
}
$i++;
}
Here is my pg_escape_string on other page
$username_escaped = pg_escape_string($username);
$password_escaped = pg_escape_string($password);
$name_escaped = pg_escape_string($name);
$query = "insert into vmobjects (guid,ipaddress,username,password,hostid,vmname,guestostype) values('".$guid."','".$ip."','".$username_escaped."','".$password_escaped."','".$hostid."','".$name_escaped."','".strtolower($os)."')";
When you say “does not return” do you mean when you query the database in whatever you manage your database with, or do you mean when you display the results in a webpage?
I will take it you mean the latter, in which case I guess that the problem is showing up now because the form you display it in is using single quotes value =”. You can prove whether this is the case or not by looking at the html source code of the page in question.
You should escape the data for display in html (and protect your users from possible xss attacks) by using htmlentities() or that family of html escaping mechanisms.