[PHP-DB] Apostrophe problem on Firebird

2003-11-06 Thread Evan Morris
This problem has probably already been solved (and may even already be a
FAQ), but I can't find the answer and I've tried various things.

I have data in a database that may contain apostrophes.

I am passing variables from a form to a search facility.

Essentially, I want a sql query that looks like this:

SELECT x FROM y WHERE z = 'o'malley'

Now, you can't pass that as is to Firebird, because it lops it off after the
'o' and tells you it doesn't know what malley is.

Fine. Why not just pass your thing to addslashes()? Well, I did that,
resulting in:

SELECT x FROM y WHERE z = 'o\'malley'

But at the Firebird level, this has the same result. It now chops it off
after the 'o\', and tells you it doesn't know what malley is.

Hm. So I tried this at the Firebird level (command line):

SELECT x FROM y WHERE z = "o'malley"

Brilliant. Works great. But now I have a problem, since my SQL query is in a
variable, and obviously the literal to the variable is being enclosed in
double quotes. So, I think, great, let's just backslash the double-quotes.

So in my PHP, I have:

$sql="SELECT x FROM y WHERE z = \"o'malley\"";

This doesn't produce any freakouts from PHP ... but now Firebird is
complaining. It says there is no such *column* as o'malley. Well, I know
that, right? Apparently, Firebird thinks I'm trying to compare two columns.

So how *do* you solve this relatively simple problem? I want users to pass
me data that may have apostrophes in it, and look for that data in a
Firebird table.

Evan Morris
[EMAIL PROTECTED]
+27 11 792 2777 (t)
+27 11 792 2711 (f)
-
Is /usr/bin/perl related to /osama/bin/ladin?

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP-DB] Apostrophe problem on Firebird

2003-11-06 Thread CPT John W. Holmes
From: Evan Morris [EMAIL PROTECTED]

> I have data in a database that may contain apostrophes.

Some databases use the backslash character as an escape character for single
quotes, while others use another single quote. Try your query such as:

SELECT * FROM Table WHERE name = 'o''mallery'

Instead of using addslashes(), you'll need to do a simple str_replace to
escape the characters.

---John Holmes...
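
The three approaches discussed in this thread, side by side, as an added example that is not part of either post. It goes one step beyond the reply by also showing a bound parameter. Assumptions: an in-memory SQLite database (via PDO) stands in for Firebird, since both use the SQL-standard doubled quote and give backslash no special meaning; `sql_quote_literal()` is a hypothetical helper name.

```php
<?php
// Added example: SQLite (in-memory, via PDO) stands in for Firebird here
// because both follow the SQL standard: a quote inside a string literal is
// written as two quotes, and backslash has no special meaning.

// Hypothetical helper: escape a value for a standard-SQL string literal.
function sql_quote_literal(string $value): string
{
    return "'" . str_replace("'", "''", $value) . "'";
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE y (x INTEGER, z TEXT)');
$db->exec("INSERT INTO y (x, z) VALUES (1, 'o''malley')");

$input = "o'malley"; // constructed sample of what the search form submits

// 1. addslashes(): builds 'o\'malley'. The literal ends right after the
//    backslash, so the parser is left with a stray "malley".
$bad = "SELECT x FROM y WHERE z = '" . addslashes($input) . "'";
try {
    $db->query($bad);
    echo "addslashes: unexpectedly accepted\n";
} catch (PDOException $e) {
    echo "addslashes: rejected ($bad)\n";
}

// 2. Doubling the quote with str_replace(), as the reply suggests.
$good = 'SELECT x FROM y WHERE z = ' . sql_quote_literal($input);
echo "doubled:    $good => x=", $db->query($good)->fetchColumn(), "\n";

// 3. Bound parameter: the value never becomes part of the SQL text,
//    so no escaping is needed and the input cannot alter the query.
$stmt = $db->prepare('SELECT x FROM y WHERE z = ?');
$stmt->execute([$input]);
echo "bound:      x=", $stmt->fetchColumn(), "\n";
```

Against Firebird itself only the PDO connection string changes, assuming the pdo_firebird driver is installed.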
