Ok that would solve my SQL statements from breaking but how about in the submitted form data at submit time? John list_php_general@xxxxxxxxxxxxxxxxxx <mailto:list_php_general@xxxxxxxxxxxxxxxxxx> on Friday, April 08, 2005 3:43 PM said: > The ' apostrophe or " can cause an early truncation of the data. My > code thinks that the closing identifier is after the word Joe and the > rest of the input is lost. Further, if the data does get by and it > could possibly break a SQL statement. > > Am I right in thinking the solution in this matter is using regular > expressions? If I understand you correctly the answer to that question is 'no'. > If so, where is a good resource to polish my skills? A great utility for practicing with regular expressions is theregexcoach (search for it). > What about turning off/on magic quotes? I would keep magic quotes off and do the escaping myself. This way you know exactly what is happening. What you need to do is addslashes() to the data before putting it in the sql query. HTH, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
