* Jonathan Hilgeman
> So something like Joe's Farm will look like Joe's Farm. It gets
> inserted into the database without any addslashes, and when you
> retrieve it from the database, it should work fine without any
> converting to this or that.
...and when you search the database, you must do t
You can also try replacing quote marks with their HTML-equivalent entities.
Put this function in your code somewhere:
function PrepareQuotes($Var)
{
$Var = str_replace("'","'",$Var);
$Var = str_replace('"',""",$Var);
return $Var;
}
And on variables that might have apost
Sherwin Ang writes:
> another approach is using the str_replace() function, just replace the
> single quote ' with two single quotes '' and database inserts should be
> fine.
Very funny. Let's say you're making this query:
DELETE FROM t1 WHERE str_field = '$value'
with your way of doing things
Tim Thorburn" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, January 09, 2002 11:59 AM
Subject: RE: apostrophe's in PHP & MySQL
> Hi Tim,
> You can get around that proble using AddSlashes() function in PHP. So is
you
> have a text box where the
Hi Tim,
You can get around that proble using AddSlashes() function in PHP. So is you
have a text box where the users enter their inputs, say assigned to the
variable $feedback then , before entering it into mysql, you will have to
apply AddSlashes() on it. So do something like
$feedback=AddSlash
single quotes must be proceded by "\" -- use PHP's addslashes function on
the field before insert:
field = addslashes(field);
see http://www.php.net/manual/en/function.addslashes.php
- Original Message -
From: "Tim Thorburn" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, Ja