Re: Single quotes in INSERT statements?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> Skip Evans wrote:
>
>>Hello all,
>>
>>I'm brand spanking new to the list and have a
>>quick question.
>>
>>I was under the impression that addslashes() would
>>handle single quote marks in INSERT statements,
>>but when I execute the following:
>>
>>$sql="UPDATE images SET orderno=$orderno,
>>url='".addslashes($url)."',
>>banner=$banner,caption='".addslashes($caption)."'
>>WHERE imageID=$imageID";
>>
>>...and $caption contains something like:
>>
>>"Don't look"
>>
>>...the data is chopped off at the single quote mark.
>>
>>How, if not addslashes(), does one handle this?

> No, neither mysql_escape_string or
> mysql_real_escape_string worked.
>
> Yes, I am using MySQL, should have said that, sorry.
>
> But anyway, even with both of these functions, the
> data in the string containing the single quote as
> in "Don't Look" is still being truncated at the
> single quote mark.
>
> Any other suggestions would be greatly appreciated.

> Skip

For the archives:

Subject of this thread is misleading since the problem was not one of an
INSERT failing but of HTML not displaying properly because of quotes or
other special characters in the text in the database. Just goes to show
that the best way to get the right answer is to analyze the problem
accurately and ask the right question.

David

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [PHP Users]     [Postgresql Discussion]     [Kernel Newbies]     [Postgresql]     [Yosemite News]

  Powered by Linux