|
|
Posted by Andy Hassall on 10/06/17 11:31
On 8 Nov 2005 07:15:33 -0800, "frizzle" <phpfrizzle@gmail.com> wrote:
>Hmm,
>somehow i can't get it to work correctly:
>
>I tested inserting the following text:
>'"\ (single quote, double quote, backslash)
>
>Via PHP:
> $new_var = mysql_real_escape_string($_POST['var']);
> $put_info = mysql_query("INSERT INTO `test` ( `id` , `text` )
>VALUES ('', '".$new_var."');");
Print out all the values involved to the browser so you can actually see what
is happening.
In my previous reply that you haven't quoted, I said:
>>Nothing's automatically converted, unless you have the dreaded
>>magic_quotes option turned on.
So, do you have magic_quotes turned on? If you don't know, use Google to find
out what it is. There is a chapter in the PHP manual about it.
--
Andy Hassall :: andy@andyh.co.uk :: http://www.andyh.co.uk
http://www.andyhsoftware.co.uk/space :: disk and FTP usage analysis tool
[Back to original message]
|