At 7:07 AM -0500 2000-04-29, Xiaolin Allen Zhao wrote:
>Hi, All,
>
> It is a kind of stupid question:
>
> insert into table_name (field_name) values ("test_block");
>
> But the text_block itself may contain "". Is there a better way of
>doing this?
>
> In fact, this is a cgi written in C where
> sprintf(sql_command, "insert into table_name (field_name) values
>(\"%s\")", text_block);
>
> I see a trap in the statement when text_block itself contains some ""
>mark.
>
> Any comments?
Escape the quote with a backslash. You can use the mysql_escape_string()
function from the MySQL C API to do this for you. See the C API
chapter of the MySQL Reference Manual.
--
Paul DuBois, paul@stripped
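As an added example (not code from either message), this is what the advice in the reply looks like in C: a stand-alone routine that performs the same backslash escaping that the MySQL C API documents for mysql_escape_string(), so it compiles without libmysqlclient, applied to the sprintf() statement from the question; the function names and the 256-byte input limit are choices made for this example.

```c
#include <stdio.h>
#include <string.h>
/* Added example, not from the thread: a stand-alone re-implementation of the
 * escaping mysql_escape_string() performs, so it runs without libmysqlclient.
 * It backslash-escapes the characters the MySQL C API documents: NUL, \n, \r,
 * backslash, single quote, double quote and Ctrl-Z. dst needs 2*len+1 bytes.
 * Returns the length of the escaped string. */
size_t mysql_style_escape(char *dst, const char *src, size_t len)
{
    char *out = dst;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)src[i];
        switch (c) {
        case '\0':   *out++ = '\\'; *out++ = '0';  break;
        case '\n':   *out++ = '\\'; *out++ = 'n';  break;
        case '\r':   *out++ = '\\'; *out++ = 'r';  break;
        case '\\':   *out++ = '\\'; *out++ = '\\'; break;
        case '\'':   *out++ = '\\'; *out++ = '\''; break;
        case '"':    *out++ = '\\'; *out++ = '"';  break;
        case '\032': *out++ = '\\'; *out++ = 'Z';  break;
        default:     *out++ = (char)c;             break;
        }
    }
    *out = '\0';
    return (size_t)(out - dst);
}
/* Builds the INSERT from the thread, escaping text_block before it goes into
 * the quoted literal. Returns 0 on success, -1 if the input is too long or the
 * output buffer is too small: a truncated statement must never be sent. */
int build_insert(char *sql_command, size_t sql_size, const char *text_block)
{
    char escaped[2 * 256 + 1];           /* constructed size limit for this example */
    size_t len = strlen(text_block);
    if (len > 256)
        return -1;
    mysql_style_escape(escaped, text_block, len);
    int n = snprintf(sql_command, sql_size,
                     "insert into table_name (field_name) values (\"%s\")", escaped);
    return (n < 0 || (size_t)n >= sql_size) ? -1 : 0;
}
int main(void)
{
    const char *text_block = "he said \"hi\"";   /* constructed sample with quotes */
    char sql_command[1024];
    if (build_insert(sql_command, sizeof sql_command, text_block) == 0)
        printf("%s\n", sql_command);
    return 0;
}
```

In a real cgi the local routine would be replaced by mysql_escape_string() itself, or by mysql_real_escape_string(), which also takes the connection's character set into account.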