Ben Dunlap wrote:
You can use http://us.php.net/mysql_real_escape_string to escape the
input.
[8<]
You should prep your data for insertion into the data by using a tool
that formats it strictly for the database. In the ops case
mysql_real_escape_string() is the correct tool for the job.
Wha
You can use http://us.php.net/mysql_real_escape_string to escape the
input.
[8<]
You should prep your data for insertion into the data by using a tool
that formats it strictly for the database. In the ops case
mysql_real_escape_string() is the correct tool for the job.
What about using prepa
From: Yuri Yarlei
> I think mysql_real_escape_string() is work well, but if
> you are use mysql db, if you are using another db, the best
> function is addslashes but for another special charactes
> you will need treat them with another ways
Slashes are the wrong character to use. The official S
Java, after the world.
Kyou wa PHP, ashita wa Java, sono ato sekai desu.
> Date: Mon, 27 Jul 2009 11:10:08 -0700
> From: li...@cmsws.com
> To: mpet...@mac.com
> CC: phps...@gmail.com; mbmas...@stanford.edu; biprel...@gmail.com;
> php-general@lists.php.net
> Subject: Re: [PHP] Sin
Michael A. Peters wrote:
> Bastien Koert wrote:
>> On Mon, Jul 27, 2009 at 12:41 PM, Mari Masuda
>> wrote:
>>> You need to sanitize and escape the input before inserting it into
>>> the db.
>>> You can use http://us.php.net/mysql_real_escape_string to escape the
>>> input.
>>>
>>> On Jul 27, 2009,
Bastien Koert wrote:
On Mon, Jul 27, 2009 at 12:41 PM, Mari Masuda wrote:
You need to sanitize and escape the input before inserting it into the db.
You can use http://us.php.net/mysql_real_escape_string to escape the input.
On Jul 27, 2009, at 09:35, Ben Miller wrote:
Hi,
I have a form i
On Mon, Jul 27, 2009 at 12:41 PM, Mari Masuda wrote:
> You need to sanitize and escape the input before inserting it into the db.
> You can use http://us.php.net/mysql_real_escape_string to escape the input.
>
> On Jul 27, 2009, at 09:35, Ben Miller wrote:
>
>> Hi,
>>
>>
>>
>> I have a form in whi
You need to sanitize and escape the input before inserting it into
the db. You can use http://us.php.net/mysql_real_escape_string to
escape the input.
On Jul 27, 2009, at 09:35, Ben Miller wrote:
Hi,
I have a form in which my sales reps can add new clients into the
database,
but I'm r
Hi,
I have a form in which my sales reps can add new clients into the database,
but I'm running into a problem if the client's name includes a single quote,
such as O'Henry, when it comes time to input the form data into the database
table. I'm guessing I need to use ereg_replace, or something
9 matches
Mail list logo
