On Friday 27 April 2001 17:56, Don Pro wrote:
> $queryID = mysql_query("SELECT Country, Agent FROM Ports
> WHERE Portname = '$portname'");
>
> My question is, if the variable $portname has the ' character within
> in, will this cause an error in my select statement? If the answer is
> "Yes", can someone give me a more robust way of writing it using PHP?
Yes.
use addslashes()
--
Christian Reiniger
LGDC Webmaster (http://sunsite.dk/lgdc/)
Error 032: Recursion error - see error 032
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
