[prev in list] [next in list] [prev in thread] [next in thread]
List: php-db
Subject: Re: [PHP-DB] Escaping queries in php using InterBase
From: Yves Glodt <y.glodt () vo ! lu>
Date: 2001-08-22 12:42:00
[Download RAW message or body]
On Wednesday 22 August 2001 14:34, Patrik Wallstrom wrote:
> On Wed, 22 Aug 2001, Yves Glodt wrote:
> > Hello,
> >
> > I'm in trouble with my current project which uses Interbase as
> > backend. (php.ini: magic_quotes_sybase = On)
> > When I insert a string containing a ', like Beverly D'Angelo,
> > php saves it with two '
> > When I insert it with two ', it gets saved with four '
>
> [...]
>
> I have always wondered why there is no mysql specifig quoting
> functions in php. Here is what I use:
>
> function myslashes($content = "") {
> $content = str_replace("\\","\\\\",$content);
> $content = str_replace("'","\\'",$content);
> return $content;
> }
>
> I guess Interbase also uses backslash for quoting?
Unforunately not!
You must use ' for escaping.
But now rethinking, some str_replace("''","'",$var); before displaying
the string should do it.
thank you,
yves
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: php-db-unsubscribe@lists.php.net
For additional commands, e-mail: php-db-help@lists.php.net
To contact the list administrators, e-mail: php-list-admin@lists.php.net
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic