I finally came up with a reliable solution that I can use when I'm dealing
with form inputs that can contain quote marks (single or double quotes). To
store quote marks, you can str_replace them with their HTML code
equivalents. For single quote marks, this is ', and for double quote
marks it's "

So before I insert any input into my database, I run my below function on
all the data:

// Replace quotes with their ' and " equivalents
function PrepareQuotes($Var)
        $Var = str_replace("'","'",$Var);
        $Var = str_replace('"',""",$Var);
        return $Var;

Hope this helps someone else.

- Jonathan

PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to