lots of ways to handle this
use HTMLentities($string) to convert the apostrophes
use addslashes($string) to escape them
use mysql_real_escape_string($string) to escape them
the last is my preferred method
bastien> Date: Thu, 3 Jan 2008 13:22:09 -0600> From: [EMAIL PROTECTED]> To:
php-general@lists.php.net> Subject: [PHP] handling ' with mysql/php insert and
select> > In my form, I am parsing all the text inputs through >
mysql_real_escape_string() before inserting the data. however, when I > look at
the SQL query in PHP, when I type the word blah's to my text box > variable,
and then insert it into mysql after being ran through >
mysql_real_escape_string(), it does:> > insert into contract (contract_id,
responsibility) VALUES (15, 'blah\\\'s')> > and when I query the in mysql/PHP
it shows:> > select responsibility from contract where contract_id = 15;>
+----------------+> | responsibility |> +----------------+> | blah\'s |>
+----------------+> 1 row in set (0.00 sec)> > and when I run that select
statement in PHP it prints blah\'s on the > screen. I want it to print back
blah's without the \. So what are my > options? run every variable through
stripslashes(); before printing > them to the screen?> > -- > PHP General
Mailing List (http://www.php.net/)> To unsubscribe, visit:
http://www.php.net/unsub.php>
_________________________________________________________________
Read what Santa`s been up to! For all the latest, visit
asksantaclaus.spaces.live.com!
http://asksantaclaus.spaces.live.com/
