Post not uploading to database because of friendly seo url

Question

Here's an issue I posted earlier: Remove all punctuation from php string for friendly seo url.

I was super excited that the issue got resolved, but now, the entire blog post is not uploading to the database. I have a feeling it has to do with changing the code from:

$post_name = htmlentities(($_POST['post_name']), ENT_QUOTES, 'utf-8');

to

$post_name = html_entity_decode(($_POST['post_name']), ENT_QUOTES, 'utf-8');

If anyone has any ideas, please let me know!

Answer 1

If the post name has apostrophes (') or speech marks (") then the insert into the database is likely to fail as it will conflict with the INSERT statement. You can try doing something like:

$post_name = addslashes( html_entity_decode(($_POST['post_name']), ENT_QUOTES, 'utf-8') );

However, a better way would be to use the MySQL mysql_real_escape_string or mysqli_real_escape_string function to escape the string instead of addslashes. The function to use will depend on your MySQL code and extension used (MySQL or MySQLi), e.g:

$post_name = mysql_real_escape_string( html_entity_decode(($_POST['post_name']), ENT_QUOTES, 'utf-8'), $db );