Apostrophe in form causing Error Number: 1064 |
[eluser]loopymonkey[/eluser]
I have a form with a field called comments, and every time i use an ' in the form I get an error number 1064. For example in my comments field i will type "This's my comment", and I will get this error: Quote:An Error Was Encountered I have global xss_filtering on, and I'm using a model for form input: Code: <?php any help or leads appreciated!
[eluser]Craig A Rodway[/eluser]
You have a couple of options - have a look here. I'd recommend the Query Bindings option, so your query would be: Code: $sql = "INSERT INTO participants (id,YourName,email,comments) VALUES (NULL, ?, ?, ?)";
[eluser]loopymonkey[/eluser]
That was it! thanks! Query bindings seem like the way to go. |
Welcome Guest, Not a member yet? Register Sign In |