surfsup Posted September 23, 2007 Share Posted September 23, 2007 I have a form form which users are inputting data in to my Database. They often input pieces of text that contain " marks. This causes a problem as it seem to terminate the input a that point. How can I deal with this.? Can I somehow replace the " on input with say ' ? (not ideal) THanks Link to comment https://forums.phpfreaks.com/topic/70383-solved-marks-input-into-mysql/ Share on other sites More sharing options...
Jessica Posted September 23, 2007 Share Posted September 23, 2007 Use mysql_real_escape_string and google "sql injection" Link to comment https://forums.phpfreaks.com/topic/70383-solved-marks-input-into-mysql/#findComment-353569 Share on other sites More sharing options...
rarebit Posted September 23, 2007 Share Posted September 23, 2007 $s = mysql_escape_string($s); http://uk3.php.net/manual/en/function.mysql-escape-string.php Link to comment https://forums.phpfreaks.com/topic/70383-solved-marks-input-into-mysql/#findComment-353570 Share on other sites More sharing options...
BlueSkyIS Posted September 23, 2007 Share Posted September 23, 2007 mysql_real_escape_string is better. Link to comment https://forums.phpfreaks.com/topic/70383-solved-marks-input-into-mysql/#findComment-353571 Share on other sites More sharing options...
darkfreaks Posted September 23, 2007 Share Posted September 23, 2007 agreed Link to comment https://forums.phpfreaks.com/topic/70383-solved-marks-input-into-mysql/#findComment-353572 Share on other sites More sharing options...
rarebit Posted September 23, 2007 Share Posted September 23, 2007 mmm, it's actually deprecated, i'm watching 'a life backwards' and stuarts just done himzen in! Soz! I can never remember things... so I did a search and that was what I saw first! Link to comment https://forums.phpfreaks.com/topic/70383-solved-marks-input-into-mysql/#findComment-353573 Share on other sites More sharing options...
darkfreaks Posted September 23, 2007 Share Posted September 23, 2007 mysql_escape_string is depreciated use mysql_real_escape_string instead. Link to comment https://forums.phpfreaks.com/topic/70383-solved-marks-input-into-mysql/#findComment-353575 Share on other sites More sharing options...
surfsup Posted September 23, 2007 Author Share Posted September 23, 2007 Perfect thanks Link to comment https://forums.phpfreaks.com/topic/70383-solved-marks-input-into-mysql/#findComment-353591 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.