Try
$string = mysql_real_escape_string($string);
On 7 Dec 2004, at 14:12, Shaun wrote:
Hi,
I have been investigating the problem of apostrphes in a mysql insert / update. I use a db_query function for all my queries:
function db_query($query) { $qid = mysql_query($query); return $qid; }
It appears after some research that the best way around the problem is to
check whether magic_qoutes_gpc is off and if so use addslashes(). I have
altered the function to this:
function db_query($query) { if(!magic_quotes_gpc()){ $qid = mysql_query(addslashes($query)); } else { $qid = mysql_query($query); } return $qid; }
But this adds too many slashes! Has anyone come to a better solution regarding this?
Thanks
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
