[SOLVED] Little questions with form/INSERT and <textarea> single quotes

[patheticsam]

Hi! I just have a simple question. Il have an HTML form with a <textarea></textarea>.....When the form is processed I have a SQL command to INSERT the <textarea> value......My only concern is when someone enters a ' (single quote) ex : don't... I come up with an SQL error.....Is there anyway I can tell SQL to insert every characters containted in the textarea value? I'm not very good with PHP so that's the reason I'm asking.....

 

If you need to see my code just ask!

 

Thanks in advance....

[Ken2k7]

Use mysql_real_escape_string(). You should use that for all SQL entries to prevent SQL injection.