[prev in list] [next in list] [prev in thread] [next in thread] 

List:       php-db
Subject:    Re: [PHP-DB] Escaping queries in php using InterBase
From:       Yves Glodt <y.glodt () vo ! lu>
Date:       2001-08-22 12:42:00
[Download RAW message or body]

On Wednesday 22 August 2001 14:34, Patrik Wallstrom wrote:
> On Wed, 22 Aug 2001, Yves Glodt wrote:
> > Hello,
> >
> > I'm in trouble with my current project which uses Interbase as
> > backend. (php.ini: magic_quotes_sybase = On)
> > When I insert a string containing a ', like Beverly D'Angelo,
> > php saves it with two '
> > When I insert it with two ', it gets saved with four '
>
> [...]
>
> I have always wondered why there is no mysql specifig quoting
> functions in php. Here is what I use:
>
> function myslashes($content = "") {
>     $content = str_replace("\\","\\\\",$content);
>     $content = str_replace("'","\\'",$content);
>     return $content;
> }
>
> I guess Interbase also uses backslash for quoting?

Unforunately not!
You must use ' for escaping.
But now rethinking, some str_replace("''","'",$var); before displaying 
the string should do it.

thank you,

yves


--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: php-db-unsubscribe@lists.php.net
For additional commands, e-mail: php-db-help@lists.php.net
To contact the list administrators, e-mail: php-list-admin@lists.php.net

[prev in list] [next in list] [prev in thread] [next in thread]