tinymce sql syntax error

realcoder

i am using editor of tinymce
from here
http://tinymce.moxiecode.com/
but facing problem when making some data in this and saving that through mysql query in colum
ErroR
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's leading centre for studies in education and related disciplines

i think this error is becoz of difference syntaxes which m inserting lIke table " ' this type of things
what is the solution of that i don't get this message which function use fo inserting data in table😕

bradgrafelman

How are you inserting the data in the SQL query?

It sounds like you aren't properly sanitizing incoming data. Note that user-supplied data should never be placed directly into a SQL query string, else your code will be vulnerable to SQL injection attacks and/or just plain SQL errors (as you're seeing). Instead, it must first be sanitized with a function such as [man]mysql_real_escape_string/man (for string data).

realcoder

data is inserting but now new problem which data is doing echo that show not code impletation
direct shoing this <table><tr><td>data
instead of showing real working of out put of table and other style

dagon

view source, sounds like htmlentities() or htmlspecialchars() is being applied.

in source you should see

&lt;

for < etc if this is the case

realcoder

yes i think that's the problem haend <
how i get rid of this problem sorry i don't understand what u said.. please explain

realcoder

i think i got the solution
this one
html_entity_decode

dagon

it would be easier to remove the encoding as timymce does not use it than to apply decoding.