Subject RE: [ib-support] Insert String question: more detail
Author Richard Pendered
Screawn,
Before constructing the SQL Insert text, double up single quotes, or if you
will only show this on web pages, replace all occurrences of the single
quote with "'" which is the HTML equiv of single quote.
RP...

-----Original Message-----
From: Screawn [mailto:Screawn@...]
Sent: 24 April 2002 14:41
To: ib-support@yahoogroups.com
Subject: [ib-support] Insert String question: more detail


If a user enters into a form <input name="company" type='text'>

Company_name: Dave's Company

A single quote is used to show ownership.

The php variable $company is placed within an insert statement.

$sqlstring="Insert into Customers(customer_no,company_name)values
(gen_id(gen_customer_no,1),'$company');";
..execute($sqlstring)

This works fine as long as the user doesn't enter a single quote in
the Company name field. How can the user enter a single quote without
generating an error?
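
Added example, not part of the original thread: a PHP script showing the failing insert from the question, the quote doubling suggested in the reply, and a bound parameter, which keeps the value out of the SQL text altogether. An in-memory SQLite database through PDO stands in for the InterBase server, and customer_no is auto-assigned instead of coming from gen_id; both are assumptions made so the script runs on its own.

```php
<?php
// Added example. Assumption: in-memory SQLite via PDO stands in for InterBase,
// and customer_no is auto-assigned instead of using gen_id(gen_customer_no,1).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE Customers (customer_no INTEGER PRIMARY KEY, company_name VARCHAR(60))');

$company = "Dave's Company"; // constructed form input

// The statement from the question: the quote in the value ends the literal early.
try {
    $db->exec("INSERT INTO Customers (company_name) VALUES ('$company')");
} catch (PDOException $e) {
    echo "unescaped insert failed: ", $e->getMessage(), "\n";
}

// The reply's suggestion: double every single quote before building the SQL text.
function double_single_quotes(string $value): string
{
    return str_replace("'", "''", $value);
}
$db->exec("INSERT INTO Customers (company_name) VALUES ('" . double_single_quotes($company) . "')");

// Bound parameter: the value travels separately from the statement text,
// so no quoting step is needed and none can be forgotten.
$stmt = $db->prepare('INSERT INTO Customers (company_name) VALUES (?)');
$stmt->execute([$company]);

// Both rows hold the original text; encode quotes only when writing HTML output.
foreach ($db->query('SELECT customer_no, company_name FROM Customers') as $row) {
    echo $row['customer_no'], ': ', htmlspecialchars($row['company_name'], ENT_QUOTES), "\n";
}
```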



