[Solved]when variable contains a quot Insert does not work

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
byenary
Forum Newbie
Posts: 10
Joined: Mon Apr 03, 2006 6:15 am

[Solved]when variable contains a quot Insert does not work

Post by byenary »

$qs = "INSERT INTO videodb VALUES ('$id','$title','$artist');";
$result = mysql_query($qs);

This code normaly works unless $artist or $title contains a quot '
I when i echo $qs and try it in phpmyadmin, it says quot not closed and refering to the end...
Any way to work around this issue ?

Byenary
Last edited by byenary on Tue Aug 22, 2006 4:28 am, edited 1 time in total.
User avatar
CoderGoblin
DevNet Resident
Posts: 1425
Joined: Tue Mar 16, 2004 10:03 am
Location: Aachen, Germany

Post by CoderGoblin »

You need to add a backslash immediately before the quote..

Code: Select all

$qs="SELECT 'This isn't working'"
will not work

Code: Select all

$qs="SELECT 'This isn\'t working'"
will.

For user/variable entered text you may want to use addslashes
byenary
Forum Newbie
Posts: 10
Joined: Mon Apr 03, 2006 6:15 am

Post by byenary »

Thx addslashes does the job !
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

Please use mysql_real_escape_string instead of addslashes.
User avatar
CoderGoblin
DevNet Resident
Posts: 1425
Joined: Tue Mar 16, 2004 10:03 am
Location: Aachen, Germany

Post by CoderGoblin »

Never noticed that one, following on from that (I hardly ever use Mysql) there is a similar command for postgres which I have just found...
pg-escape-string
Post Reply