Small help needed on Php

[baris22]

this is th code:

<td><textarea name="fullpage[]" cols="140" rows="16" id="fullpage"><?=stripslashes ($rows['fullpage']) ?></textarea></td>

<?phpif($Submit){
for($i=0;$i<$count;$i++){
$sql1="UPDATE $tbl_name SET title='$title[$i]', fullpage='$fullpage[$i]' WHERE id='$id[$i]'";
$result1=mysql_query($sql1);
}
}
if($result1){
echo "<meta http-equiv=\"refresh\" content=\"0\">";
}
mysql_close();?>

all i want to do is use str_replace to replace "</td>" with " </td>" on fullpage='$fullpage[$i]'

Thanks for help.

 

[qbert220]

$sql1="UPDATE $tbl_name SET title='$title[$i]', fullpage='".mysql_real_escape_string(str_replace('</td>', ' </td>', $fullpage[$i]))."' WHERE id='$id[$i]'";

You need the mysql_real_escape_string since $fullpage is user input. You should probaby be using $_GET/$_POST/$_REQUEST instead, e.g.

$sql1="UPDATE $tbl_name SET title='$title[$i]', fullpage='".mysql_real_escape_string(str_replace('</td>', ' </td>', $_REQUEST['fullpage'][$i]))."' WHERE id='$id[$i]'";

 

[baris22]

$sql1="UPDATE $tbl_name SET title='$title[$i]', fullpage='".str_replace('</td>', ' </td>', $fullpage[$i])."' WHERE id='$id[$i]'";

what about if i want to replace "<br/>" with " <br />" as well as </td>

thanks

 

[qbert220]

what about if i want to replace "<br/>" with " <br />" as well as </td>

$sql1="UPDATE $tbl_name SET title='$title[$i]', fullpage='".mysql_real_escape_string(str_replace('<br/>', ' <br />', str_replace('</td>', ' </td>',  $_REQUEST['fullpage'][$i])))."' WHERE id='$id[$i]'";