> LOL - thanks all - reckon I can get what I need out of this. I actually
need
> it for MySQL - customer hit me with a O'Shea name - blew my database
insert
> out of the water - will escape it by adding a \ in front of it or other
> slashes - once again thanks all
I guess you use DBD::mysql...
I always use placeholders to avoid this problem. Like:
$handlerbandlerbundlerkundler = $bigsqlkillermodulthingy->prepare ("UPDATE
foo SET username = (?)",$stupiduser);
$handlerbandlerbundlerkundler->execute;
where $stupidusers can be any string. You can use "quote", too, but
personally I hate that syntax.
- Cs.
ps: And you can use shorter variable, too :-)
