Why can't I escape this input????
#1

KeyStroke
Hi,

I'm having a problem that's driving me insane. My search function query has this part:
Code:
AGAINST('?' IN BOOLEAN MODE)
and I'm using binding as you can tell, which automatically escapes variables (which are the search keywords here). However, if a user enters ', ", /, or other characters, then he'll get back a database SQL syntax error exposing the whole query.

Is there a way to treat any character(s) the user enters as search data without breaking the whole thing?

Appreciate your help.
#2

Armchair Samurai
Try leaving out the quotes - query bindings should take care of that for you.
#3

KeyStroke
Same thing with no quotes :\
#4

KeyStroke
Anyone? Sad
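Added example (not code from this thread or from CodeIgniter itself): query binding only escapes the value as an SQL string, it does not stop MySQL's boolean-mode full-text parser from choking on an unbalanced `"` or a stray operator in the bound text, and with `db_debug` on the resulting error page shows the whole query. The function below strips the boolean-mode operator characters first so any input becomes plain terms; the `articles` table, its columns and the model call are assumed.

```php
<?php
// Added example, not from the thread: neutralise MySQL boolean-mode
// full-text operators in user-supplied search text before binding it,
// so the bound value can never trigger a full-text syntax error.

function boolean_search_terms($raw)
{
    // Boolean-mode operator and quote characters: + - > < ( ) ~ * " @
    // plus ' \ / which the poster reported as breaking the query.
    // An unbalanced " or a dangling operator is what the parser rejects.
    $clean = preg_replace('/[+\-<>()~*"@\'\\\\\/]/u', ' ', $raw);

    // Split into individual words, dropping empty pieces.
    $terms = preg_split('/\s+/u', trim($clean), -1, PREG_SPLIT_NO_EMPTY);

    $out = array();
    foreach ($terms as $t) {
        // Each word is wrapped as a quoted phrase: inner quotes are gone,
        // so the phrase is always balanced and searched literally.
        // (Prefixing '+' would give AND semantics, but a stopword or a
        // word shorter than ft_min_word_len would then empty the result.)
        $out[] = '"' . $t . '"';
    }
    return implode(' ', $out);
}

// Constructed input standing in for what a user might type:
$user_input = 'foo" +bar) -baz \' /qux';
$safe = boolean_search_terms($user_input);
echo $safe, "\n";

// In a CodeIgniter 2/3 model (table and columns assumed), the cleaned
// string is still passed through query binding, never concatenated:
//
//   $sql = 'SELECT id, title FROM articles '
//        . 'WHERE MATCH(title, body) AGAINST(? IN BOOLEAN MODE)';
//   $q   = $this->db->query($sql, array($safe));
//
// Independently of this, set $db['default']['db_debug'] = FALSE in
// application/config/database.php for production, so a database error
// that does slip through is logged rather than rendered with the query.
```

Run with `php` on the command line to see the cleaned search string; the same function works unchanged inside a CodeIgniter helper or model.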