The standard solution is to use binding.
JDBC and Perl DBI both support it, and I imagine most other environments
do as well.
In such case, your query will turn from:
"INSERT INTO someTable values ('foo\'')"
Into:
"INSERT INTO someTable values (?)"
You're use a prepared statement, and before executing it, you'll set the
value of your variable.
Read the mysql manuals for whatever language's interface you're using.
Kevin
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Monday, June 30, 2003 12:26 PM
> To: harsh; My Sql List
> Subject: Re: The quote ' problem...
>
>
> i don't believe there is another solution,
> but anyway, how many characters per second can your users
> type that this string replacement could be a measurable
> slowdown of the process?
>
> -yves
>
>
> -----Ursprüngliche Nachricht-----
> Von: "harsh" <[EMAIL PROTECTED]>
> An: "My Sql List" <[EMAIL PROTECTED]>
> Gesendet: Montag, 30. Juni 2003 21:09
> Betreff: The quote ' problem...
>
>
> >
> > I have to take a text input from users and store
> > it in table,to avoid ' error i can replace ' with \',
> >
> > is there any other solution as that might slow down the process ?
> >
> > harsh
> >
> >
> > --
> > MySQL General Mailing List
> > For list archives: http://lists.mysql.com/mysql
> > To unsubscribe:
> http://lists.mysql.com/mysql?> [EMAIL PROTECTED]
> >
>
>
> --
> MySQL General Mailing
> List
> For list archives: http://lists.mysql.com/mysql
> To unsubscribe:
> http://lists.mysql.com/mysql?> [EMAIL PROTECTED]
>
>
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
