Converting double quotes to singles quotes[SOLVED]

Posted: Sun Oct 05, 2014 6:19 am

I have this line

Code:

$string=" WHERE news_cat='$catid' AND news_title LIKE '%$searchnews%'";

I converted like this

Code:

$string = ' WHERE `news_cat` = \'' . $catid . '\' AND `news_title` LIKE '%$searchnews%'';

This one doesn't work

Code:

$string = ' WHERE `news_cat` = \'' . $catid . '\' AND `news_title` LIKE '"%$searchnews%"';

This one doesn't work neither.

I wonder why. Is there anything am I doing wrong? What is the correct answer?

The problem is solved

I made it like this.

Code:

$string = ' WHERE `news_cat` = \'' . $catid . '\' AND `news_title` LIKE \'%' . $searchnews . '%\'';

Posted: Sun Oct 05, 2014 7:03 am

Why convert it anyway?

Posted: Sun Oct 05, 2014 7:23 am

because of many typo errors and validation errors I still get with multiheadlines modules. I guess I am the only one who cares about it.

Take a look at what I did already.

www.bestbuildpc.org/bugfiles/index.txt

I fixed this part as well and everything has been converted to single quotes to get a clean file

Code:

function RSSAd(){


   global $db, $prefix, $conf, $user, $module_name;


   if (($conf["anonsubmit"]=="submit") || (is_user($user))) {


      $url=check_html($_POST["submitURL"], "nohtml");


      $titlesite=check_html($_POST["titlesite"], "nohtml");


      $cat=intval($_POST["select_categ"]);


      OpenTable();


      if (($url=='') || ($titlesite=='') || ($cat==-1)) {


         echo '<center><b>'._MH_SUBMERROR.'</b></center>';


      } else {


         echo '<center><b>'._MH_SUCCESRSSSUB.'</b></center>';


      }


      CloseTable();


      OpenTable();


      if ($url=='') {


         echo _MH_INVALIDURL.'<br /><br /><a href="javascript:history.go(-1)">'._MH_GOBACK.'</a>'._MH_CHANGEIT;


      } elseif ($titlesite=='') {


         echo _MH_PLENTTIT.'<br /><br /><a href="javascript:history.go(-1)">'._MH_GOBACK.'</a>'._MH_ENTTITFSITE;


      } elseif ($cat=='-1') {


         echo _MH_PLSELCAT.'<br /><br /><a href="javascript:history.go(-1)">'._MH_GOBACK.'</a>'._MH_ANDSELONE;


      } else {


         $siteurl = ereg_replace("http://","",$url);


         $siteurl = explode("/",$siteurl);


         $site = check_html("http://".$siteurl[0], "nohtml");


         $db->sql_query("INSERT INTO ".$prefix."_multiheadlines_urls (urls_title, urls_site, urls_url, urls_image, urls_categ, urls_active)   VALUES ('".mysql_real_escape_string($titlesite)."', '".mysql_real_escape_string($site)."', '".mysql_real_escape_string($url)."', '', '".intval($cat)."', '0')");   


         echo _MH_THANKYOUSUB.'<br /><br /><center><a href="modules.php?name='.$module_name.'&amp;rss=ShowCateg">'._MH_DONE.'</a></center>';


      }


      CloseTable();


   }


}

NEW ONE with Single Quotes and using mysqli

Code:

function RSSAd(){


  global $db, $prefix, $conf, $user, $module_name;


  if (($conf['anonsubmit'] == 'submit') || (is_user($user))) {


    $url = stripslashes(check_html($_POST['submitURL'], 'nohtml'));


    $titlesite=stripslashes(check_html($_POST['titlesite'], 'nohtml'));


    $cat = stripslashes(check_html($_POST['select_categ'], 'nohtml'));


    OpenTable();


    if (($url == '') || ($titlesite == '') || ($cat == '1')) {


      echo '<div class="text-center"><b>' , _MH_SUBMERROR , '</b></div>';


    } else {


      echo '<div class="text-center"><b>' , _MH_SUCCESRSSSUB , '</b></div>';


    }


    CloseTable();


    OpenTable();


    if ($url == '') {


      echo '' , _MH_INVALIDURL , '<br /><br /><a href="javascript:history.go(-1)">' , _MH_GOBACK , '</a>' , _MH_CHANGEIT;


    } elseif ($titlesite == '') {


      echo _MH_PLENTTIT , '<br /><br /><a href="javascript:history.go(-1)">' , _MH_GOBACK , '</a>' , _MH_ENTTITFSITE;


    } elseif ($cat == '1') {


      echo _MH_PLSELCAT , '<br /><br /><a href="javascript:history.go(-1)">' , _MH_GOBACK , '</a>' , _MH_ANDSELONE;


    } else {


      $siteurl = preg_replace('~http://~','',$url);


      $siteurl = explode('/',$siteurl);


      $site = stripslashes(check_html("http://".$siteurl[0], "nohtml"));


      $row = $db->sql_fetchrow($db->sql_query('SELECT * FROM `' . $prefix . '_multiheadlines_categ` WHERE `categ_title` = \'' . $cat . '\''));


      $catid=intval($row['categ_id']);


      $db->sql_query("INSERT INTO ".$prefix."_multiheadlines_urls (urls_title, urls_site, urls_url, urls_image, urls_categ, urls_active)   VALUES ('".$db->sql_escape_string($titlesite)."', '".$db->sql_escape_string($site)."', '".$db->sql_escape_string($url)."', '', '".intval($cat)."', '0')");


      echo _MH_THANKYOUSUB , '<br /><br /><div class="text-center"><a href="modules.php?name=' , $module_name , '&amp;rss=ShowCateg">' , _MH_DONE , '</a></div>';


    }


    CloseTable();


  }


}

registered · Site Admin Joined: Aug 22, 2007 Posts: 1775

Yes you are the only one! lol