Re: Inserting a ' into mySQL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



use mysql_escape_string.

http://us3.php.net/manual/en/function.mysql-escape-string.php

Jon

Ron Piggott wrote:

I have begun to create a Christian Ministry Directory.  It is on the
ministry web site I am building at
http://www.actsministries.org/ministrydirectory/ .

One of the problems I am now having is if the user types an ' into their
entry --- these ones do not get saved into the mySQL database.

The line of code that inserts into the mySQL database matches the web site
fields ---

INSERT INTO ministrydirectory VALUES ('$ministry_name', '$address_line_1',
'$address_line_2', '$city', '$province_state_county', '$country',
'$postal_zip_code', '$phone', '$fax', '$web_site', '$e_mail',
'$date_updated')";

I can look at this and understand that if an ' is keyed why it wouldn't save
and that line would create an error --- How do you work around this?

Ron




-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [PHP Users]     [Postgresql Discussion]     [Kernel Newbies]     [Postgresql]     [Yosemite News]

  Powered by Linux