List:General Discussion« Previous MessageNext Message »
From:Paul DuBois Date:June 28 1999 11:48am
Subject:Re: how to handle input with ' ?
View as plain text  
At 9:46 PM -0700 6/27/1999, Ed Lazor wrote:
>Hi :)
>
>I'm really new to this MySQL stuff so please forgive me if this is a looser
>question...
>
>I created a web page with a form to enter data into the database... and it
>works... accept for
>when someone enters some data into a text field that has the character '
>I have no idea
>why it's doing that but was hoping someone here might have an idea... umm..
>any ideas?
>
>Do I just need to tell people not to use that character?  Do I have to
>filter the input for
>valid information?

Depends on how you're processing the form:

C - use mysql_escape_string()
Perl DBI - use $dbh->quote()
PHP - use addslashes()

or are you using something else?

--
Paul DuBois, paul@stripped
Northern League Chronicles: http://www.snake.net/nl/
Thread
how to handle input with ' ?Ed Lazor28 Jun
  • how to handle input with ' ?terry jones28 Jun
  • Re: how to handle input with ' ?Paul DuBois28 Jun