开发者

jQuery double quotes

问答 作者:

i have this form:

<form name="myForm" action="#">
     <input type="text" name="firstField" />
     <input type="text" name="secondField" />
     <input type="submit" name="submitButton" />
</form>

and i have an ajax request:

$('input[type="submit"]').click(function(){
       var serialized = $('form').serialize();
       //ajax request
       $.ajax({
                type : "POST",
                url : "takeAction.php",
                data : serialized,
                succes : function(){
                    alert('done');
      开发者_运维技巧          }
       }); 
});

the problem is that if any of my fields value contains "'", like (who's the boss) my ajax request fails to complete (i'm trying to update an mysql row but the code fails, i get no error just that my row is not updated). i know that it's something about quotes but i don;t know how to do it. thanks

The problem is in your PHP code on the server, not in your HTML or JavaScript.

You're probably writing the submitted data values directly into an SQL query, yes?:

$query = sprintf("SELECT * FROM users WHERE user='%s'", $user);

You need to either use prepared statements, or use mysql_real_escape_string() to escape your values:

$query = sprintf("SELECT * FROM users WHERE user='%s'",
                  mysql_real_escape_string($user));

继续阅读:formsjqueryquotesserialization

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9