mysql_real_escape_string()
addslashes()
htmlentities()
take your pick
bastien
> From: [EMAIL PROTECTED]> To: php-general@lists.php.net> Date: Mon, 18 Feb
> 2008 23:05:10 -0500> Subject: [PHP] mysql input> > I have a user saving a
> VARCHAR(255) field in a mysql db which has > single quotes in the text, how
> can i replace them so that they dont > fuck up my mysql command?> > -e> > --
> > PHP General Mailing List (http://www.php.net/)> To unsubscribe, visit:
> http://www.php.net/unsub.php>
_________________________________________________________________
