hokietoner Posted April 4, 2008 Share Posted April 4, 2008 I'm doing something like this using PDO: $stmt = $handle->prepare("INSERT INTO table (name, userId) VALUES (?, ?)"); $stmt->execute(array($name, $userId)); I know that PDO prevents against SQL injection by doing the quote escaping for me, but I'm noticing that the escape is being stored in the table. Normally, if my sql was "INSERT INTO table (col) VALUES ('foo\'bar')" Then the data inserted would be foo'bar But using PDO, the data in the table is foo\'bar How do I prevent the backslash from being stored in the table? Thanks Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.