Reply to Re: Single quotes in MSSQL — PHP Programming Language

Posted by Toby A Inkster on 04/11/07 14:45

nick.bonadies wrote:

> I'm trying to deal with user inputs of single quotes into form fields
> that get input into a MSSQL database. So far I have discovered that
> if I turn on magic_quotes_sybase in my php.ini file PHP will correctly
> escape the single quotes.

Argh! Don't do that!

Just use str_replace("'", "''", $data) on data before you send it to the
database and don't do anything on the returned data.

--
Toby A Inkster BSc (Hons) ARCS
Contact Me ~ http://tobyinkster.co.uk/contact
Geek of ~ HTML/SQL/Perl/PHP/Python*/Apache/Linux

* = I'm getting there!

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация