DaveLinger Posted August 7, 2006 Share Posted August 7, 2006 I'm beginning to run into some SQL problems... I have a text area in which the user can enter text and upon submission it is added to a "text" column in my mysql db. The problem is quotes (among other things) screw it up. How can I get around that? Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted August 7, 2006 Share Posted August 7, 2006 Use the function mysql_real_escape_string() on all text fields that will be stored in a MySQL database. (http://www.php.net/mysql_real_escape_string)Example:[code]<?php$q = "insert into yourtable set fieldname1 = '" . mysql_real_escape_string($your_variable) . "'";$rs = mysql_query($q) or die("Problem with query: $q<br>" . mysql_error());?>[/code]Ken Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.