Fix a MYSQL insert issue with ' character causing an error

HELLO THERE, Over 190+ Positive Reviews. Over 90% Completion Rate. 5 Star Rating. 8+ Years of experience in PHP/MYSQL I AM INTERESTED IN WORKING ON THIS PROJECT. PLEASE CHECK MY REVIEWS AND THEN DECIDE ON ME. LOOKING FOR A LONG TERM RELATIONSHIP. -------------- THANKS, AJIT

Greetings Ready to fix the problem and avaible for you !! Thanks

Hello We have already done the fix. I can attach once you award the project. If by chance it does not work on your server, we will propose another solution. This depends on the version of the softwares on your server and what it supports. So once you test and confirm that the proposed solution works fine, we will tell you the change we made so that you can replicate in other forms.

Hello! With 99% completion rate, 720 successfully completed projects, and a 5.00 reputation (maximum possible, 5.0) (Yes, not even 4.99 average rating, can be verified on my profile page https://www.freelancer.com/u/rajeshsonisl.html !!)... you can never go wrong choosing me :) I look forward to your reply. Thanks. Kind Regards, Rajesh Soni

Hello, I have 5+year experience in php and its framework like joomla, Wordpress, etc. I can solve this error with in 20 minute and give you the good update. I already work with you one time in joomla project. Can we start the project?

----------------------------------------------------------Please Consider on My BID---------------------------------------------------Dear Sir/Madam, We are already read your project description & fully understand this project for you. Also I have solid experienced professional in-house team of designers, developers and coders. We are offering best price in this market & providing best quality of work for you. Please check your PMB for more details & award me for this project. ~~~~~~~~~~~~~~~~~Few reasons to select us as a service provide~~~~1. Post delivery free bug fixing support.------- 2. Industry standard modern design.------- 3. Secure coding SQL injection and XSS (cross site scripting),------- 4. Well documented code.------- 5. Regular work update. ~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~ Thanks with Regards

Can do it right now ! I have understood what is required. Looking forward working with you. Regards, Abhi

i am a skilled developer, i can fix the issue for you. i am a skilled developer, i can fix the issue for you. i am a skilled developer, i can fix the issue for you.

Ready for the job sir, can fix it and available to work on it right now, give me a try I will not let you down, thanks alot.

hi, i can fix now for you.. already we made more works together. choose me and we can provide fixed file

Hello, We need to convert all special characters into other characters which doesn't cause any issue. Please message and award, I will do that in half an hour and give it back to you. Best Regards, Murtaza F.

Hi there, I can help, just need your response to continue, please check feedback from my previous employers if you doubt about my performance.

hello i have reviewed your code and i have found that you need to escape the special charterers i can fix this for you.

Hi, I'm ready to help you with this task. I have more than 8 years of experience with PHP, so it's going to be done on the highest level. Please consider my profile for experience and previous projects: https://www.freelancer.com/u/tsarevilya.html

Hello! As far as the quote characters are concerned, I've fixed that already. Now regarding the comma - are you sure that a comma alone brakes the query, because I don't see that from the code? Kind Regards, Dobri PS: Upon testing locally no punctuational characters break the insert/update queries, after the fix.

Hi it is simple you can replace the ' character with the ` (in left of key 1) and it will looks like ' in your UI else you can change it in front end. :) happy coding. I did the same when this error occurred in my application. Thanks Arpit

Hi, I modified file, write me, so I can send you modified file I can not find to file to send, I think file sending will be avaialble once you respond me you can use mysql_real_escape_string() function to fix the ' quotation problems Regards Nurba

Sir, please open a chat so that I can send you the updated file. If it do not work, then there is other ways but that will hamper the security. Thanks and Regards, BUlbu.

i will fix it right now so you can add any character thanks i will fix it right now so you can add any character thanks

Hi, I can fix it for your and sent it back to you.. pls select the bid and create a milestone for it. Thanks Dhirendra

You need escape all unescaped strings before put it into query. Sample $tmpSql = "INSERT INTO tbl_public_menu(parent_menu, menu_title, page_title ,content)" . " VALUES('" . $this->public_menu["parent_menu"] . "'" . ",'" . $this->public_menu["menu_title"] . "'" . ",'" . $this->public_menu["page_title"] . "'" . ",'" . $this->public_menu["content"] . "'" . ")"; Should be replaced with $tmpSql = "INSERT INTO tbl_public_menu(parent_menu, menu_title, page_title ,content)" . " VALUES('" . $this->public_menu["parent_menu"] . "'" . ",'" . mysql_real_escape_string($this->public_menu["menu_title"]) . "'" . ",'" . mysql_real_escape_string($this->public_menu["page_title"]). "'" . ",'" . mysql_real_escape_string($this->public_menu["content"]) . "'" . ")"; You need to apply same changes to all insert and update queries ( when corresponded strings aren't already escaped). King Regards, Alex