views:

30

answers:

1

I am using Jquerys ajax function to post data to my database. I have a textarea that allows users to type in their posts and update it to the database.

Here is a code snippet:

$.ajax({
    type : "POST",
    url: "process.php",
    data: "postmessage="+ postmessage +"& from_user="+ from_user +"& from_username="+ from_username,

My problem is that when the data within the 'postmessage' variable contains character such as " and ' it fails to post. How can I turn filter these characters and put them back in on the other end????

Example text:

"I've been talking alot lately" 
A: 

Never concatenate strings. You could pass the arguments as a hash:

$.ajax({
    type : 'POST',
    url: 'process.php',
    data: { postmessage: postmessage, 
            from_user: from_user, 
            from_username: from_username },
    success: function(result) {

    }
});

This way jQuery will take care of properly URL encoding parameters.

Darin Dimitrov
I have done that but still doesn't work hmmm.. Could it be a problem on the PHP end when posting to DB???
@user342391, yes the problem is most probably in your PHP script.
Darin Dimitrov
Is there any decoding needed on the php end??? Is there any way I can view the post data???
No decoding is necessary. You could simply use `$_POST['from_user']` to read the posted data. When inserting into the database you have to be extremely careful though to avoid SQL injection which is what I suspect is your problem.
Darin Dimitrov
You may also take a look at Prepared Statements (http://php.net/manual/en/pdo.prepared-statements.php) to avoid SQL injection.
Darin Dimitrov