Values retrieved from database in textbox missing after spaces
Solution 1
May be Because you missed ""
around value property of text box if your value contains space
then it breaks your text
<td align="left"><input type="text" size="60"
name="pro_name" value="'.$row['pro_name'].'"></td>
This way you need to put "" code into your all text box
Solution 2
When you try to retrieve data from my sql table and show it in html table use like:
echo "<td align='left'><input type='text' size='60' name='pro_name' value='".$row['pro_name']."'></td>";
user1744840
Updated on June 18, 2022Comments
-
user1744840 almost 2 years
This is for edit_inv.php which have some textboxes which users can edit.
The problem is for values that contains spaces. eg. Cisco Router (in phpmyadmin), when I printout the value in the textbox (to be edited or left the way it is) it only have Cisco. The word Router is missing. This would be bad if the user don't want to edit the Cisco Router part and would have to type Router again.The editing script works. Just that everything after a space isn't on the textbox.
I'm just starting php and would appreciate some help.
<?php // Mysql Connect include('lock.php'); require_once('mysql.php'); $edit_inv = $_GET['inventory_id'] ; $_SESSION['edit_inv'] = $edit_inv; $query = "SELECT * FROM inventory WHERE unikl_id= $login_session_id and inventory_id='$edit_inv'"; $result = mysql_query($query); echo '<form method="post" action="handle_inv_edit.php">'; // Table header. echo '<table align="center" cellspacing="0" cellpadding="5" border="2"> <tr> <td align="center"><b>Inventory ID</b></td> <td align="center"><b>Device Name</b></td> <td align="center"><b>Quantity</b></td> <td align="center"><b>Level/Room</b></td> <td align="center"><b>Email</b></td> <td align="center"><b>Availability</b></td> </tr>'; // Fetch and print all the records. while ($row = mysql_fetch_array($result)) { echo '<tr> <td align="center">' . $row['inventory_id'] . '</td> <td align="left"><input type="text" size="60" name="pro_name" value='.$row['pro_name'].'></td> <td align="left"><input type="text" size="4" name="quantity" value='.$row['quantity'].'></td> <td align="center"><input type="text" size="4" name="level" value='.$row['level'].'></td> <td align="left"><input type="text" size="60" name="email" value='.$row['email'].'></td> <td align="left"><input type="radio" name="available" value="Yes" CHECKED > Yes <input type="radio" name="available" value="No"> No</td> </tr>'; } echo '</table>'; echo '<br /><div align="center"><input type="submit" name="Submit" value="Edit" /></div> <input type="hidden" name="submitted" value="TRUE" />'; echo '</form>'; ?>
-
Quentin over 11 yearsSpaces do not need to be escaped in SQL (they need to be quoted, which they are).
addslashes
is not suitable for escaping data for MySQL. -
Quentin over 11 yearsGood spot. This would have been picked up automatically if @user1744840 had made use of a validator
-
user1744840 over 11 yearsThank you also others who replied. I will look into SQL injection prevention in my future works as i'm just starting to learn php and mysql.