[EMAIL PROTECTED] wrote:
hi to all.
battling this problem on several forums and mailing lists, I got confused:
when store string that contains quotations (ie afan's "php" shop) in mysql
does it have to be stored with backslashes (afan\'s \"php\" shop) or just
the way it is? my login's telling me the way it is. am I wrong?
most programming languages have specific functions to scape properly all
strings and also most of them to protect you from SQL injection (PHP is
one example).
You should search your language's documentation on how to prepare your
queries passing arguments instead of concatenating it your self on the
query and how to quote properly the strings so you can stop worrying
about it once and for all... ;)
cheers,
--renato
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
