My string $name = "Ali'Shan"; I want store it into database but the ' I use htmlentities/ htmlspecialchars and str_replace but insert I still get syntax error ' .
$name = "Ali'Shan";
str_replace("'", "", $name);
echo $name;
echo htmlentities($name);
My output is still Ali'Shan
People are also looking for solutions to the problem: php - how can i put file to a certain google drive account?
Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.
Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.
Find the answer in similar questions on our website.
Answer
Solution:
Use
addslashes() or mysql_real_escape_string()Answer
Solution:
Use
htmlentitiesandhtmlspecialcharswhen you want to insert text into an HTML document.A database is not an HTML document. You need to use the appropriate mechanisms for adding text to an SQL query.
For the most part, those mechanisms are prepared statements with bound variables.
Answer
Solution:
what about
Answer
Solution:
Use mysql_real_escape_string($str) while inserting in database.