Insert Strings that contain " ` " or " ' " to the database table - Php

Question

I have to insert some strings to my database.

The problem is that every time I use " ` " or " ' " it causes errors in the Sql.

For ex, when someone types "that's great" , it just messes everything up.

How can I solve this?

Thanks!

possible duplicate of Insert a value containg single quotes in MySQL — zero323
– zero323, Commented Sep 20, 2013 at 23:44

Lavneet · Accepted Answer · 2013-09-20 23:59:42Z

2

Use the real escape string function. Actually, MySQL prevents ' or ` from entering the system in order to prevent SQL Injection attacks.

Function Syntax: mysql_real_escape_string($your_string)

answered Sep 20, 2013 at 23:59

Lavneet

6268 silver badges20 bronze badges

Sign up to request clarification or add additional context in comments.

Comments

Community · Accepted Answer · 2023-11-14 22:24:31Z

1

CommunityBot

11 silver badge

answered Sep 20, 2013 at 23:45

user2417483

Could you please help me upgrading my code to mysqli? lets get into a chat.

McAden · Accepted Answer · 2013-09-20 23:53:14Z

1

Use a prepared/parameterized query.

answered Sep 20, 2013 at 23:53

McAden

14k5 gold badges39 silver badges63 bronze badges