chanchelkumar Posted June 27, 2007 Share Posted June 27, 2007 Hi Friends, Am working on a WYSIWYG editor, and while entering some data's containing ' it is not entering into the data base giving me this error message... You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's and would be able to supply a smooth professional service for workers on work' at line 1" In my SQL table the field type is BLOB I changed it in to text but the problem exists!!!! My charset is UTF-8!!! Is this the problem behind it???? what can i do?? Please help me!!!! Quote Link to comment Share on other sites More sharing options...
obsidian Posted June 27, 2007 Share Posted June 27, 2007 You need to escape the user input. If you have an apostrophe like that, it opens you up to SQL injection if you do not handle the data properly. You need to run the data through mysql_real_escape_string() before you put it into the database. Quote Link to comment Share on other sites More sharing options...
chanchelkumar Posted June 27, 2007 Author Share Posted June 27, 2007 Thanks Buddy!!!! You get me out from the circle where am revolving for the last two months.... thanks a lot!!!!!! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.