function quote($var)
{
if (is_string($var))
{
if (strlen($var)>0)
{
$var="'" . str_replace("\'","\\'",$var) . "'";
}
else
{
$var="NULL";
}
}
return $var;
}
$sql=" Select blablabla from whatever where something=" .
quote($variable) . " and so forth";
Regards,
Egil
On Mon, 15 Oct 2001 12:46:31 -0700, Corn Vollney-R7019C wrote:
>Ross,
>
>A better way to validate your form is to use javascript on the
>client side, once the form is validated (using the clients computer
>power) you can then send the data to a php script via get or post,
>and have it processed further.
>
>V
>
>-----Original Message-----
>From: Ross Fleming [mailto:[EMAIL PROTECTED]]
>Sent: Monday, October 15, 2001 6:14 PM To: [EMAIL PROTECTED]
>Subject: [PHP-WIN] Inserting symbols into a mysql database from PHP
>
>
>Hi all,
>
>My problem is that that I have a form that takes user data and
>inserts it into a database. How can I allow quote marks to be
>inserted into the database? ie if someone puts a " mark in the form
>field then php/mysql recognises that as the end of the data I'm
>trying to insert. I tried urlencode-ing the data before inserting
>it and urldecode-ing it when reading it, but it didn't help.
>
>Any suggestions? Surely this must be possible?
>
>Thanks in advance
>
>Ross
>
>
>--
>PHP Windows Mailing List (http://www.php.net/)
>To unsubscribe, e-mail: [EMAIL PROTECTED] For
>additional commands, e-mail: [EMAIL PROTECTED] To
>contact the list administrators, e-mail: php-list-
>[EMAIL PROTECTED]
-=//
Egil Helland / IKON AS - MCSE, Internet, Intranet
mailto:[EMAIL PROTECTED] http://egil.net
//=-
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
