Jenski
Reputation: 1468
Quotes, PHP, MySQL
I feel daft asking this, but it's driving me potty. How can I make this string:
Children\''s Toy
Suitable for insert to a MySQL database and escape the characters properly?
Thanks
Upvotes: 1
Views: 200
Answers (3)
Asaph
Reputation: 162771
Like this:
Children\\\'\'s Toy
But you really should be relying on something built into PHP like mysql_reql_escape_string() or better yet, parameterize queries using PDO.
Here's my test of the above:
mysql> select 'Children\\\'\'s Toy' as escapedString;
+------------------+
| escapedString |
+------------------+
| Children\''s Toy |
+------------------+
1 row in set (0.49 sec)
Upvotes: 1
Jacob Relkin
Reputation: 163228
mysql_real_escape_string should do it.
If you are using the mysqli extension, you can do it the same way. ( mysqli_real_escape_string )
Upvotes: 4