Values retrieved from database in textbox missing after spaces

php mysql forms row fetch

10,974

Solution 1

May be Because you missed "" around value property of text box if your value contains space then it breaks your text

<td align="left"><input type="text" size="60" 
                name="pro_name" value="'.$row['pro_name'].'"></td>

This way you need to put "" code into your all text box

Solution 2

When you try to retrieve data from my sql table and show it in html table use like:

echo "<td align='left'><input type='text' size='60' name='pro_name' value='".$row['pro_name']."'></td>";

10,974

Author by

user1744840

Updated on June 18, 2022

Comments

user1744840 almost 2 years

This is for edit_inv.php which have some textboxes which users can edit.
The problem is for values that contains spaces. eg. Cisco Router (in phpmyadmin), when I printout the value in the textbox (to be edited or left the way it is) it only have Cisco. The word Router is missing. This would be bad if the user don't want to edit the Cisco Router part and would have to type Router again.

The editing script works. Just that everything after a space isn't on the textbox.

I'm just starting php and would appreciate some help.

<?php

//  Mysql Connect
include('lock.php');
require_once('mysql.php');
$edit_inv = $_GET['inventory_id'] ;

$_SESSION['edit_inv'] = $edit_inv; 

$query = "SELECT * FROM inventory WHERE unikl_id= $login_session_id and inventory_id='$edit_inv'";
$result = mysql_query($query);

    echo '<form method="post" action="handle_inv_edit.php">';
        // Table header.
    echo '<table align="center" cellspacing="0" cellpadding="5" border="2">
    <tr>
    <td align="center"><b>Inventory ID</b></td>
    <td align="center"><b>Device Name</b></td>
    <td align="center"><b>Quantity</b></td>
    <td align="center"><b>Level/Room</b></td>
    <td align="center"><b>Email</b></td>
    <td align="center"><b>Availability</b></td>
    </tr>';

        // Fetch and print all the records.
        while ($row = mysql_fetch_array($result)) {
        echo    '<tr>
                <td align="center">' . $row['inventory_id'] . '</td>

                <td align="left"><input type="text" size="60" 
                name="pro_name" value='.$row['pro_name'].'></td>

                <td align="left"><input type="text" size="4" 
                name="quantity" value='.$row['quantity'].'></td>

                <td align="center"><input type="text" size="4" 
                name="level" value='.$row['level'].'></td>

                <td align="left"><input type="text" size="60"
                name="email" value='.$row['email'].'></td>

                <td align="left"><input type="radio" name="available" value="Yes" CHECKED > Yes 
                        <input type="radio" name="available" value="No"> No</td>


                </tr>';
    }
    echo '</table>';

    echo '<br /><div align="center"><input type="submit" 
    name="Submit" value="Edit" /></div>
    <input type="hidden" name="submitted" value="TRUE" />';

    echo '</form>';
?>

Quentin over 11 years

Spaces do not need to be escaped in SQL (they need to be quoted, which they are). addslashes is not suitable for escaping data for MySQL.
Quentin over 11 years

Good spot. This would have been picked up automatically if @user1744840 had made use of a validator
user1744840 over 11 years

Thank you also others who replied. I will look into SQL injection prevention in my future works as i'm just starting to learn php and mysql.