Escaping single quote in PHP when inserting into MySQL [duplicate]

by

You should be escaping each of these strings (in both snippets) with mysql_real_escape_string().

http://us3.php.net/mysql-real-escape-string

The reason your two queries are behaving differently is likely because you have magic_quotes_gpc turned on (which you should know is a bad idea). This means that strings gathered from $_GET, $_POST and $_COOKIES are escaped for you (i.e., "O'Brien" -> "O\'Brien").

Once you store the data, and subsequently retrieve it again, the string you get back from the database will not be automatically escaped for you. You’ll get back "O'Brien". So, you will need to pass it through mysql_real_escape_string().

More Related Contents:

  1. Using PHP read word in textarea line by line and insert to mySQL
  2. How to insert multiple rows from array using CodeIgniter framework?
  3. PHP mysql insert date format
  4. What does it mean to escape a string?
  5. Incorrect Integer (2147483647) is inserted into MySQL?
  6. Is mysql_real_escape_string() broken?
  7. Escaping MySQL wild cards
  8. PHP/MySQL Insert null values
  9. MySQL – ignore insert error: duplicate entry
  10. How to search for slash (\) in MySQL? and why escaping (\) not required for where (=) but for Like is required?
  11. Object of class DateTime could not be converted to string
  12. php run once and insert twice in mysql database
  13. PHP mySQL – Insert new record into table with auto-increment on primary key
  14. Replacing \r\n with PHP
  15. Comma separated numeric values – PHP CodeIgniter
  16. Select those record only from table 1 where city exist against state id in table 2 in PHP
  17. PHP PDO prepared statements
  18. select count(*) from table of mysql in php
  19. Why I am getting Cannot pass parameter 2 by reference error when I am using bindParam with a constant value?
  20. Loading .sql files from within PHP
  21. implement LIKE query in PDO
  22. MySQL db question marks instead of hebrew characters..?
  23. “Warning: Cannot modify header information – headers already sent by” error [duplicate]
  24. How I can create installer for website. PHP mysql [closed]
  25. How to join two tables with ssp.class.php
  26. How to convert IPv6 from binary for storage in MySQL
  27. Eloquent many-to-many-to-many – how to load distant relation easily
  28. How do I save PHP session data to a database instead of in the file system?
  29. MySQL, how to insert null dates
  30. Escaping SQL queries in Codeigniter

Leave a Comment