Slow response (just got back from holiday) but might still be relevant...

steve miller wrote:
The problem I am having is when I try to search for a user with a string that has a ' or a " in it, because the SQL throws an error.
The id is inserted into the query, so I end up with something like:


select * from table where id=!&" and mysql complains!

Are you interpolating straight into the SQL? If so, don't - look up placeholders. That way you won't have quoting issues, all will work nicely, and you'll avoid SQL injection issues.

Cheers

Dave P
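The difference between interpolating and using a placeholder, as an added example that is not part of the original post. It assumes Python's built-in sqlite3 (in-memory) as a stand-in for MySQL, and a hypothetical `users` table with `id` and `name` columns; the placeholder marker (`?` here) varies by database driver.

```python
import sqlite3

# Constructed sample rows: ids containing quote characters, as in the question.
SAMPLE_USERS = [("o'brien", "Pat O'Brien"), ('!&"', "Odd Id"), ("alice", "Alice")]


def make_db():
    """Build a throwaway in-memory database (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id TEXT PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def find_interpolated(conn, user_id):
    """The 'before': the value is pasted into the SQL text itself."""
    sql = "SELECT name FROM users WHERE id = '%s'" % user_id
    try:
        return [row[0] for row in conn.execute(sql)]
    except sqlite3.Error as exc:
        return "error: %s" % exc


def find_with_placeholder(conn, user_id):
    """The fix: the SQL text is constant and the value is bound separately."""
    cur = conn.execute("SELECT name FROM users WHERE id = ?", (user_id,))
    return [row[0] for row in cur]


def demo():
    """Run both lookups over ids that break or alter the interpolated query."""
    conn = make_db()
    ids = ["o'brien", '!&"', "x' OR '1'='1"]
    return {i: (find_interpolated(conn, i), find_with_placeholder(conn, i))
            for i in ids}


if __name__ == "__main__":
    for user_id, (before, after) in demo().items():
        print(repr(user_id), "| interpolated:", before, "| placeholder:", after)
```

With interpolation the first id is a syntax error and the third changes the meaning of the WHERE clause and matches every row; with the placeholder each id is compared as plain data.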


____ • The WDVL Discussion List from WDVL.COM • ____