Rolf Hopkins ([EMAIL PROTECTED]) writes:
> I think you mean addslashes()
> > If you are using PHP there is the htmlspecialchars() function that will do
> just that for you.
> > > > > I have written a program which reads data from WWW forms and passes
> > > > it to
> > > > > MySQL queries. All works fine except for the cases when the form is
> > > > filled
> > > > > with characters like '%', '"', ''', etc. Then, these characters are
> > > > treated
> > > > > like special, formatting characters in SQL query, which, of course
> > > > demage
> > > > > the SQL query. I know that this problem can be solved by adding '\'
> > > > char
> > > > > before each such special character, but users typing texts in the
> > > > form by
> > > > > WWW will not know that.
> > > > > Is there any simple way in MySQL to solve this problem?
What kind of program is it? C, Perl, what? By the way, if you are using Escapade,
the engine automatically does the translation for you - no special conversion needed.
--
Ed Carp, N7EKG [EMAIL PROTECTED] 940/367-2744 cell phone
http://www.pobox.com/~erc [EMAIL PROTECTED] - text pager
I sometimes wonder if the American people deserve to be free - they seem
so unwilling to fight to preserve the few freedoms they have left.
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
