Derleek Posted July 23, 2008 Share Posted July 23, 2008 I am storing e-mails for a mass e-mail system i'm throwing together. I can't figure out how to allow people to put a single quote in the message without throwing everything off... this is the code that i have now, which doesn't allow users to use the ': $sql = "INSERT INTO mail (msg) VALUES ('$content')"; I've tried: $sql = `INSERT INTO mail (msg) VALUES ("$content")`; and get 'query was empty' and: $sql = 'INSERT INTO mail (msg) VALUES ("$content")'; the sql inserts $content how do i get around this? Link to comment https://forums.phpfreaks.com/topic/116303-solved-mysql-and-single-quotes/ Share on other sites More sharing options...
fenway Posted July 23, 2008 Share Posted July 23, 2008 You have to escape the quotes -- mysql_real_escape_string() comes to mind. Link to comment https://forums.phpfreaks.com/topic/116303-solved-mysql-and-single-quotes/#findComment-598065 Share on other sites More sharing options...
Derleek Posted July 23, 2008 Author Share Posted July 23, 2008 thanks... i think that should work just fine Link to comment https://forums.phpfreaks.com/topic/116303-solved-mysql-and-single-quotes/#findComment-598088 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.