I'm running a fairly simple script to take the contents of form entry fields and store in MySQL -- as simple as could be, right? When I run my script, however, when there's a single quote in a field, I get the following error. Note the the single quote was positioned just before "test" in the field.
"Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\''test', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y' )' at line 2"
Any suggested solutions? I'm not quite sure what's happening so any help would be greatly appreciated.
TIA,
David
quotes breaking code
Moderator: General Moderators
Re: quotes breaking code
Run your strings through mysql_real_escape_string before you stick them into a query.
Strings in SQL are just like strings in PHP.
PHP thought the string ended right after the 'n'. So then the stuff afterwards is supposed to be code. But it isn't.
Same kind of thing happens in SQL.
Strings in SQL are just like strings in PHP.
Code: Select all
"valid"
'also valid'
'isn't valid'
Same kind of thing happens in SQL.