Escape special characters in a MySQL query

by Php Ninza on July 14, 2009

MySQL throws an error when a query contains special characters. Characters like “`” are always a nuisance in SQL queries.

For this reason, it is always necessary to use mysql_real_escape_string() (www.php.net/mysql_real_escape_string). On one hand it is secure, and on the other it makes sure that queries don’t die while executing.

The syntax for mysql_real_escape_string() is:

<?php
// Requires an open connection created with mysql_connect().
$string = mysql_real_escape_string($string);
?>

Hope it helps!
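An added example, not from the original post: mysql_real_escape_string() belongs to the old mysql extension, which was removed in PHP 7.0, so this script emulates its documented character set in plain PHP and then stores the same values through a PDO prepared statement. Assumptions: the helper name emulate_escape, the items table and the sample values are constructed for illustration, and in-memory SQLite stands in for MySQL so the script runs without a server.

```php
<?php
// Added example, not from the original post. In-memory SQLite stands in for
// MySQL so the script runs without a server; table and values are constructed.

// Hypothetical helper: emulates the characters documented as escaped by
// mysql_real_escape_string() (NUL, \n, \r, backslash, ', ", Ctrl-Z).
// The real function also takes the connection character set into account.
function emulate_escape(string $s): string
{
    return strtr($s, [
        "\0" => '\\0', "\n" => '\\n', "\r" => '\\r', '\\' => '\\\\',
        "'"  => "\\'", '"'  => '\\"', "\x1a" => '\\Z',
    ]);
}

// Constructed sample values.
$samples = ["O'Reilly", 'Silver & Gold', 'back`tick', "two\nlines"];

foreach ($samples as $s) {
    // '&' and '`' come back unchanged: neither is special inside a quoted
    // SQL string. A backtick only matters in identifiers (table or column
    // names), which escaping does not cover; validate those against a list.
    printf("%-16s -> %s\n", json_encode($s), emulate_escape($s));
}

// Bound parameters keep data out of the SQL text, so there is no escaping
// step to forget and no dependence on quoting context.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE items (color TEXT NOT NULL)');

$insert = $pdo->prepare('INSERT INTO items (color) VALUES (:color)');
foreach ($samples as $s) {
    $insert->execute([':color' => $s]);
}

// Every value round-trips byte for byte.
$stored = $pdo->query('SELECT color FROM items ORDER BY rowid')
              ->fetchAll(PDO::FETCH_COLUMN);
var_dump($stored === $samples);

// Escaping for SQL and escaping for HTML are separate steps; '&' only needs
// handling when the value is written into a page.
foreach ($stored as $color) {
    echo htmlspecialchars($color, ENT_QUOTES, 'UTF-8'), "\n";
}
```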


Heinz Stapff July 25, 2011 at 10:02 pm

I’m trying to escape an ‘&’ or ampersand that I’m putting in an Enum field like this

field/column: Color
Enum: 'Silver','Silver & Gold','Silver & Stones'

to be used like this
echo "" . $row['Color','0'] . "";
echo "" . $row['Color','1'] . "";
echo "" . $row['Color','2'] . "";

As the data must come from the Enum field entered in phpMyAdmin, isn’t there an escape that can be used in the Enum input like?

'Silver','Silver %s& Stones','Silver %s& Gold'

If so, why is there not a list of the escape sequences available?


Learn PHP August 1, 2011 at 1:39 pm

You could try appending the & after the query is called. Additionally, stripslashes() and mysql_escape_string() automate the slashing thing for PHP. Otherwise, a better method, str_replace(), should work for you.
Hope that helps.
