On Mon, 22 May 2006, Richard Lynch wrote:
On Mon, May 22, 2006 11:25 am, afan@xxxxxxxx wrote:
After the form is submitted, some fields are filled with single and/or
double quote info (like: 1'2"x2'4", or sky's blue, or "cool" stuff).
I validate what I got using mysql_real_escape_string() and then store
the
result in MySQL. And, it will be stored as:1\'2\"x2\'4\", and sky\'s
blue,
and \"cool\" stuff.
Is this correct way
No.
If you still see \' in your data after it's in MySQL, then you have
done TWO escapes, and should have only done ONE.
By the way, the right way to escape single quotes is by adding anothe
single quote (this is SQL standard). Somthing like:
O'Conner --> O''Conner
--
21:50:04 up 2 days, 9:07, 0 users, load average: 0.92, 0.37, 0.18
---------------------------------------------------------
Lic. Martín Marqués | SELECT 'mmarques' ||
Centro de Telemática | '@' || 'unl.edu.ar';
Universidad Nacional | DBA, Programador,
del Litoral | Administrador
---------------------------------------------------------
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
