On Wednesday 04 February 2004 00:09, Chris Bruce wrote:
> I have modified your line { $email_list .= "'{$row['email']}',"; },
> with { $email_list .= str_replace("'", "\'", "'{$r[email]}',"); }, but
> now it escapes all the single quotes. Is there a php function that
> escapes single quotes in Mysql queries?
Yes, surprisingly enough it's called mysql_escape_string().
> If not, do you know the best
> way to escape *only* single quotes in the email address string and not
> the single quotes surrounding the string?
>
> Example (output of $email_list)
> '[EMAIL PROTECTED]','[EMAIL PROTECTED]'that.com','etc...
> Need to escape the [EMAIL PROTECTED]'that.com
I don't understand why you want to escape the single-quote. You shouldn't be
allowing such entries anyway because quotes are not valid characters for
domain names thus it's an invalid email address.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
------------------------------------------
/*
Trust everybody, but cut the cards.
-- Finlay Peter Dunne, "Mr. Dooley's Philosophy"
*/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
