Thanks bvr
This is good to know, but I still need some validation with my particular
application, as below. Thanks for your time.
Simon H
> -Original Message-
> From: bvr [mailto:[EMAIL PROTECTED]]
> Sent: 04 February 2002 17:44
> To: php-general; Simon H
> Subject
Hi,
To prevent user input from messing with your query you just need to
escape the characters used to delimit query values.
MySQL for example uses ' (single quote) to delimit values so you should
use addslashes() on all values.
This will make inserting values containing the ' character work a
2 matches
Mail list logo