In my experience, the only character you really have to watch out for with
mySQL is a single quote (') which you can just replace with a double-single
quote (''). So I usually do something like this on each piece of text that
I plan to write to a database:
$someInput =~ s/'/''/g;
good luck!
-----Original Message-----
From: james lundeen [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 12, 2002 12:41 PM
To: '[EMAIL PROTECTED]'
Subject: really basic question about CGI module
I "use CGI" in my routines very often and at times need to look at the
incoming values from forms
to make sure that they don't include "'" "," and other things that might
blow up my connection
with mysql database. Can someone please give me a nice piece of reusable
code that will read the
incoming variable and clean up all of the charecters that the user might
have entered that certain
programming routines might not like? Specifically, I have run into
problems if the user has "
' , in the field. maybe there are others too? any help and code
would be appreciated!
-jimmyjames
__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
