Any text field that has the possibility of getting quotes should be
$textfield = addslashes($textfield);
prior to insert.
Then on displaying, use
$textfield = stripslashes($textfield);
If it is a big text (including paragraphs) I use
$textfield = nl2br(stripslashes($textfield));
On Monday, June 10, 2002, at 12:40 PM, Daniel Brunner wrote:
> Spit some code out...I put a lot of ' in my inserts...
> Is it from a form?!?!!?
> Is it from a Insert, or Select or Update?!?
> That's why we need some code...
> On Monday, June 10, 2002, at 12:01 PM, [EMAIL PROTECTED] wrote:
>> I have noticed that when I try to assign the value of a input field
>> that has a ' in it for example : <can't > It will goof up my attempt
>> to load the information to the database. Anyone know a way around
>> this? Do I have to send each string through a parsing routine before
>> assigning my string to a variable that will be used in a SQL statement?
>> PHP Database Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php