thanks for your response. I'm already working on the php "part" but just wondered how "bad" is to have backslash in front of quotes.
thanks. -afan > [EMAIL PROTECTED] wrote: >> hi to all. >> >> battling this problem on several forums and mailing lists, I got >> confused: >> when store string that contains quotations (ie afan's "php" shop) in >> mysql >> does it have to be stored with backslashes (afan\'s \"php\" shop) or >> just >> the way it is? my login's telling me the way it is. am I wrong? > > most programming languages have specific functions to scape properly all > strings and also most of them to protect you from SQL injection (PHP is > one example). > > You should search your language's documentation on how to prepare your > queries passing arguments instead of concatenating it your self on the > query and how to quote properly the strings so you can stop worrying > about it once and for all... ;) > > cheers, > --renato > -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
