computermax2328 Posted June 14, 2012 Share Posted June 14, 2012 Hello again, Just a quick question, I couldn't think of the term to use to google search for this answer. In my MYSQL INSERT or UPDATE command I am getting an error because the name I am trying to insert has a ' in the last name, like O'Riley. What is the command called to filter the ' to be inserted into the database? I couldn't find. Thanks again! Quote Link to comment https://forums.phpfreaks.com/topic/264188-mysql-insert-with-single-quotes/ Share on other sites More sharing options...
mrMarcus Posted June 14, 2012 Share Posted June 14, 2012 mysql_real_escape_string Quote Link to comment https://forums.phpfreaks.com/topic/264188-mysql-insert-with-single-quotes/#findComment-1353859 Share on other sites More sharing options...
computermax2328 Posted June 14, 2012 Author Share Posted June 14, 2012 Thank You! Quote Link to comment https://forums.phpfreaks.com/topic/264188-mysql-insert-with-single-quotes/#findComment-1353875 Share on other sites More sharing options...
scootstah Posted June 14, 2012 Share Posted June 14, 2012 You should be using mysql_real_escape_string() on all user input that interacts with the database to prevent SQL injection. Quote Link to comment https://forums.phpfreaks.com/topic/264188-mysql-insert-with-single-quotes/#findComment-1353876 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.