computermax2328 Posted June 14, 2012 Share Posted June 14, 2012 Hello again, Just a quick question, I couldn't think of the term to use to google search for this answer. In my MYSQL INSERT or UPDATE command I am getting an error because the name I am trying to insert has a ' in the last name, like O'Riley. What is the command called to filter the ' to be inserted into the database? I couldn't find. Thanks again! Link to comment https://forums.phpfreaks.com/topic/264188-mysql-insert-with-single-quotes/ Share on other sites More sharing options...
mrMarcus Posted June 14, 2012 Share Posted June 14, 2012 mysql_real_escape_string Link to comment https://forums.phpfreaks.com/topic/264188-mysql-insert-with-single-quotes/#findComment-1353859 Share on other sites More sharing options...
computermax2328 Posted June 14, 2012 Author Share Posted June 14, 2012 Thank You! Link to comment https://forums.phpfreaks.com/topic/264188-mysql-insert-with-single-quotes/#findComment-1353875 Share on other sites More sharing options...
scootstah Posted June 14, 2012 Share Posted June 14, 2012 You should be using mysql_real_escape_string() on all user input that interacts with the database to prevent SQL injection. Link to comment https://forums.phpfreaks.com/topic/264188-mysql-insert-with-single-quotes/#findComment-1353876 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.