Posted by nick.bonadies on 04/11/07 18:10

On Apr 11, 10:45 am, Toby A Inkster <usenet200...@tobyinkster.co.uk>
wrote:
> nick.bonadies wrote:
> > I'm trying to deal with user inputs of single quotes into form fields
> > that get input into a MSSQL database. So far I have discovered that
> > if I turn on magic_quotes_sybase in my php.ini file PHP will correctly
> > escape the single quotes.
>
> Argh! Don't do that!
>
> Just use str_replace("'", "''", $data) on data before you send it to the
> database and don't do anything on the returned data.
>
> --
> Toby A Inkster BSc (Hons) ARCS
> Contact Me ~http://tobyinkster.co.uk/contact
> Geek of ~ HTML/SQL/Perl/PHP/Python*/Apache/Linux
>
> * = I'm getting there!

yeah that makes much more sense! thank you!

nick

• Next in forum: Re: Single quotes in MSSQL
• Prev in forum: Re: Anyone want to join me in developing www.ValueAds.biz
• Thread view: Re: Single quotes in MSSQL

[Reply to this message]