If you are using PHP there is the htmlspecialchars() function that will do just that
for you.
cheers,
thalis
> > ----- Original Message -----
> > From: "Robert Heron" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Saturday, February 17, 2001 6:35 PM
> > Subject: special characters in MySQL query
> >
> >
> > > I have written a program which reads data from WWW forms and passes
> > it to
> > > MySQL queries. All works fine except for the cases when the form is
> > filled
> > > with characters like '%', '"', ''', etc. Then, these characters are
> > treated
> > > like special, formatting characters in SQL query, which, of course
> > demage
> > > the SQL query. I know that this problem can be solved by adding '\'
> > char
> > > before each such special character, but users typing texts in the
> > form by
> > > WWW will not know that.
> > > Is there any simple way in MySQL to solve this problem?
> > >
> > > Robert
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
