Pick one:
http://si2.php.net/manual/en/function.htmlentities.php
http://si2.php.net/manual/en/function.addslashes.php
http://si.php.net/mysql_escape_string
Aleksandar
Yamil Ortega wrote:
Hi list, good day.
I have a simple script that inserts text on a mysql table, that has a field
named
You need to escape the single quote, an easy way to do this is to run the
text thru the addslashes() filter. Obviously you can't run your entire
query thru the filter thru the filter because most of your quotes need to be
identified by the db. Here is what I do.
$query = insert table1(col1,
On Thu, 2007-10-04 at 10:18 -0700, Warren Vail wrote:
You need to escape the single quote, an easy way to do this is to run the
text thru the addslashes() filter. Obviously you can't run your entire
query thru the filter thru the filter because most of your quotes need to be
identified by the
-Original Message-
From: Robert Cummings [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 04, 2007 10:28 AM
To: Warren Vail
Cc: 'Yamil Ortega'; php-general@lists.php.net
Subject: RE: [PHP] inserting ´ in a db
On Thu, 2007-10-04 at 10:18 -0700, Warren Vail wrote:
You need to escape the single
On Thu, 2007-10-04 at 10:55 -0700, Warren Vail wrote:
Rob,
Your opinion would have meant more had you offered a solution. The only
hole that I am aware of is the likelihood that the imbedded query could get
executed accidentally later.
If the database is mysql, there is finally a mysql
There are any number of elements to try
htmlspecialchars
mysql_real_escape_string
addslashes
RTFM and see what works best for your situation
bastien From: [EMAIL PROTECTED] To: php-general@lists.php.net Date: Thu, 4
Oct 2007 11:44:34 +0900 Subject: [PHP] inserting ´ in a db Hi list,
Yamil Ortega wrote:
Hi list, good day.
I have a simple script that inserts text on a mysql table, that has a field
named description and the type is text.
Everting works fine, except when I try to insert a text that includes a
simple quote.
For example
Yamil´s car
[EMAIL PROTECTED] (Chris) writes:
Everting works fine, except when I try to insert a text that includes a
simple quote.
http://www.php.net/mysql_real_escape_string
I'll see you that and raise you PEAR's database interfaces:
http://pear.php.net/package/DB - especially
On Wednesday 03 October 2007, Tom Swiss wrote:
[EMAIL PROTECTED] (Chris) writes:
Everting works fine, except when I try to insert a text that includes a
simple quote.
http://www.php.net/mysql_real_escape_string
I'll see you that and raise you PEAR's database interfaces:
maybe yuou could try passing the variables into an input hidden field, so
you know the answer wont be uncomplete, and you insert all of them in the
last page.
Flavio Bastos Amiel
Rick Widmer [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
At 01:56 PM 7/29/02
At 01:56 PM 7/29/02 +, Tyler Durdin wrote:
I have a DB that will take answers to an 82 question survey, but i have
the survey divided into 4 html pages(forms) of 20 or so question per page.
The people taking the survey are not required to fill out every question
on the survey. i was
11 matches
Mail list logo