On Tuesday 17 December 2002 15:12, John Taylor-Johnston wrote: > I'm particularily concerned aboute single quotes. How do I escape them? > Should I? > > Here is what I think is right. > > ----------snip---------- > $myconnection = mysql_connect($server,$user,$pass); > mysql_select_db($db,$myconnection); > > $query = "INSERT INTO testals VALUES (addslashes($part1), > addslashes($part2), addslashes($part3), addslashes($part4));";
Functions inside a string would have no effect. Do this instead: $part1 = addslashes($part1); ... ... $query = "INSERT INTO testals VALUES ($part1,... -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * /* I'm sitting on my SPEED QUEEN ... To me, it's ENJOYABLE ... I'm WARM ... I'm VIBRATORY ... */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
