To:
php-general@lists.php.net> Subject: [PHP] handling ' with mysql/php insert and
select> > In my form, I am parsing all the text inputs through >
mysql_real_escape_string() before inserting the data. however, when I > look at
the SQL query in PHP, when I type the word bla
On Thu, January 3, 2008 1:22 pm, Adam Williams wrote:
> In my form, I am parsing all the text inputs through
> mysql_real_escape_string() before inserting the data. however, when I
> look at the SQL query in PHP, when I type the word blah's to my text
> box
> variable, and then insert it into mysq
Adam Williams wrote:
> In my form, I am parsing all the text inputs through
> mysql_real_escape_string() before inserting the data. however, when I
> look at the SQL query in PHP, when I type the word blah's to my text box
> variable, and then insert it into mysql after being ran through
> mysql_r
> when I type the word blah's to my text box
> variable, and then insert it into mysql after being ran through
> mysql_real_escape_string(), it does:
>
> insert into contract (contract_id, responsibility) VALUES (15, 'blah\\\'s')
It looks like magic quotes is turned on. Take a look at
http://us2.p
On 1/3/08, Adam Williams <[EMAIL PROTECTED]> wrote:
>
> In my form, I am parsing all the text inputs through
> mysql_real_escape_string() before inserting the data. however, when I
> look at the SQL query in PHP, when I type the word blah's to my text box
> variable, and then insert it into mysql
In my form, I am parsing all the text inputs through
mysql_real_escape_string() before inserting the data. however, when I
look at the SQL query in PHP, when I type the word blah's to my text box
variable, and then insert it into mysql after being ran through
mysql_real_escape_string(), it doe
6 matches
Mail list logo
