Inserting in to a database

[dmccabe]

How do you insert data in to a data base when the data you are submitting has " and ' in it?

 

I am wanting to put lots of lines like this:

 

HKUS\S-1-5-19\..\Run: [startUp This] "C:\Program Files\Laplink\PCmover\LaunchSt.exe" (User 'LOCAL SERVICE')

[dmccabe]

Sorry the error I am getting is this:

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'LOCAL SERVICE') ','1')' at line 1

[xProteuSx]

You can escape some characters by putting a '\' in front of them.

 

For example:

 

echo 'You can't do this.';

 

Would bring up an error, but if you do this, it will work:

 

echo 'You can\'t do this.';

 

When you view the text it will show up as: You can't do this.

[dmccabe]

Thanks proteus, but how do I add the slashes if that value is being read from a file?

 

The whole thing:

 

HKUS\S-1-5-19\..\Run: [startUp This] "C:\Program Files\Laplink\PCmover\LaunchSt.exe" (User 'LOCAL SERVICE')

 

Is read in from a txt file and then each line is put in to a variable?

[redarrow]

you use the mysql database functions..

 

example

 

<?php

// addslashes()

// stripslashes()

// mysql_real_escape_string()

//example.

//Making database posted variables safe for a mysql database.

$redarrow=addslashes($_POST['redarrow']);
$redarrow=stripslashes($_POST['redarrow']);
$redarrow=mysql_real_escape_string($_POST['redarrow']);

?>