CodeIgniter Forums
Can't escape apostrophe... Any ideas? - Printable Version




Can't escape apostrophe... Any ideas? - El Forum - 09-17-2009

dallen33
Here's my error:
Quote:
A Database Error Occurred
Error Number: 1406

Data too long for column 'notes' at row 1

INSERT INTO online_ads (client,rep,submitted,required,runs,type,size,pickup,url,notes,contacts,status,attachment) VALUES ('474','3','1253209296','1253772000000',NULL,'2','1 ',NULL,NULL,'\Opera \n2009|2010 Season\nHe can’t protect her.',' ',1,NULL)

So I know it's the apostrophe because when I remove it, it works.

I am XSS_CLEANing my posts like this:
Code:
$notes = $this->input->post('notes', TRUE);
I have global XSS turned on:
Code:
$config['global_xss_filtering'] = TRUE;

I've tried many ways of inserting:
Code:
$sql = "INSERT INTO online_ads (client,rep,submitted,required,runs,type,size,pickup,url,notes,contacts,status,attachment) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?)";
$this->db->query($sql, array($client,$rep,$submitted,$required,$runs,$type,$size,$pickup,$url,$notes,$contacts,$status,$attachment));

Also this:
Code:
$escaped = $this->db->escape($ad_db_data);
$this->db->insert('online_ads', $escaped);

Also this:
Code:
$this->db->insert('online_ads', $ad_db_data);

So why is this causing me so much grief? I know I'm likely missing something obvious, but any help would be appreciated.


Can't escape apostrophe... Any ideas? - El Forum - 09-17-2009

dallen33
I figured out how to fix it by doing a find and replace.
Code:
$search = array('’');
$replace = array('\'');
$notes_cleaned = html_entity_decode(str_replace($search, $replace, htmlentities($notes)));

Is this a bug in CodeIgniter? It's always done a great job of escaping characters, but this one hasn't worked at all. But now that I do a search and replace, it works flawlessly.

Maybe this'll help someone else out in the future!

EDIT: Just FYI, the character that wasn't escaping is a Word doc apostrophe. It has an HTML number of &#8217;. Someone was copying text from a Word doc and pasted it in a textarea.
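
Added example (not part of the original posts, and not CodeIgniter's own code): the find-and-replace from the second post done with explicit character sets instead of an htmlentities() round trip, extended to the other typographic characters Word commonly inserts. It assumes the text is meant to be stored as UTF-8 and that any submission that is not valid UTF-8 is Windows-1252; `normalize_pasted_text()` is a hypothetical helper name and the sample strings are constructed.

```php
<?php
// Added example: normalise pasted "smart" punctuation with explicit charsets.
// normalize_pasted_text() is a hypothetical helper, not a CodeIgniter API.

function normalize_pasted_text($raw)
{
    // Assumption: bytes that are not valid UTF-8 are Windows-1252,
    // where the Word apostrophe is the single byte 0x92.
    if (!mb_check_encoding($raw, 'UTF-8')) {
        $raw = mb_convert_encoding($raw, 'UTF-8', 'Windows-1252');
    }

    // Map typographic punctuation (written as UTF-8 byte sequences) to ASCII.
    $map = array(
        "\xE2\x80\x98" => "'",   // U+2018 left single quote
        "\xE2\x80\x99" => "'",   // U+2019 right single quote / apostrophe
        "\xE2\x80\x9C" => '"',   // U+201C left double quote
        "\xE2\x80\x9D" => '"',   // U+201D right double quote
        "\xE2\x80\x93" => '-',   // U+2013 en dash
        "\xE2\x80\x94" => '-',   // U+2014 em dash
        "\xE2\x80\xA6" => '...', // U+2026 horizontal ellipsis
    );

    // strtr() with an array replaces the longest matching keys first and
    // never rescans its own output, so the mapping is applied exactly once.
    return strtr($raw, $map);
}

// Constructed sample input: the same sentence as UTF-8 and as Windows-1252.
$samples = array(
    'utf8'   => "He can\xE2\x80\x99t protect her.",
    'cp1252' => "He can\x92t protect her.",
);

foreach ($samples as $label => $input) {
    $clean = normalize_pasted_text($input);
    // Show the raw bytes next to the result so the encoding difference is visible.
    printf("%-6s in=%s\n       out=%s\n", $label, bin2hex($input), $clean);
}
```

The cleaned value can then be passed through the query bindings shown in the first post. Bindings take care of SQL quoting, which is a separate concern from the byte encoding of the text being stored.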