lots of ways to handle this use HTMLentities($string) to convert the apostrophes use addslashes($string) to escape them use mysql_real_escape_string($string) to escape them the last is my preferred method bastien> Date: Thu, 3 Jan 2008 13:22:09 -0600> From: awilliam@xxxxxxxxxxxxxxxx> To: php-general@xxxxxxxxxxxxx> Subject: handling ' with mysql/php insert and select> > In my form, I am parsing all the text inputs through > mysql_real_escape_string() before inserting the data. however, when I > look at the SQL query in PHP, when I type the word blah's to my text box > variable, and then insert it into mysql after being ran through > mysql_real_escape_string(), it does:> > insert into contract (contract_id, responsibility) VALUES (15, 'blah\\\'s')> > and when I query the in mysql/PHP it shows:> > select responsibility from contract where contract_id = 15;> +----------------+> | responsibility |> +----------------+> | blah\'s |> +----------------+> 1 row in set (0.00 sec)> > and when I run that select statement in PHP it prints blah\'s on the > screen. I want it to print back blah's without the \. So what are my > options? run every variable through stripslashes(); before printing > them to the screen?> > -- > PHP General Mailing List (http://www.php.net/)> To unsubscribe, visit: http://www.php.net/unsub.php> _________________________________________________________________ Read what Santa`s been up to! For all the latest, visit asksantaclaus.spaces.live.com! http://asksantaclaus.spaces.live.com/
