Posted by Jerry Stuckle on 10/16/07 17:16

redog6@hotmail.com wrote:
> Hi
> I have a webform with many free text fields and have a problem with
> apostrophes and single quotes as this breaks the mysql query string.
>
> I obviously need to escape these characters - magic_quotes_gpc sounds
> ideal but is not an option as I don't have access to the php.ini file
> and it is currently set to 0.
>
> I could use either addslashes or mysql_real_espcape_string but do I
> have to apply this to every field individually or is there a way to do
> it to all in one go?
> Any advice on the most suitable method and how to do it in one go
> would be greatly appreciated.
>
> Many thanks
> Redge
> P.S please reply to this group rather than by email - thanks
>
>

mysql_real_escape_string() - that's what it's made for.

And yes, you need to apply it to each field separately.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

• Next in forum: Re: addslashes, mysql_real_escape_string or magic_quotes_gpc?
• Prev in forum: Re: CSS Equivalent of Frames?
• Thread view: Re: addslashes, mysql_real_escape_string or magic_quotes_gpc?

[Reply to this message]