I finally came up with a reliable solution that I can use when I'm dealing
with form inputs that can contain quote marks (single or double quotes). To
store quote marks, you can str_replace them with their HTML code
equivalents. For single quote marks, this is ', and for double quote
marks it's "
So before I insert any input into my database, I run my below function on
all the data:
// Replace quotes with their ' and " equivalents
$Var = str_replace("'","'",$Var);
$Var = str_replace('"',""",$Var);
Hope this helps someone else.
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]