apostrophe during Insert (Mysql)

php mysql insert
21,575

Use mysql_real_escape_string(), or better yet, use parameterised queries with PDO.

Share:
21,575
Ank
Author by

Ank

Updated on January 20, 2020

Comments

  • Ank
    Ank over 4 years

    I am getting data though a PHP text box and inserting it into a MySQL database with a normal insert command. The text box takes in a comment frm the user for a particular Accession ID next to the text box. The problem is that when a user types in apostrophe (') for example the sentence "We have to take care of the PC's", an error is thrown.

    I know why its happening because the SQL assumes it as the end of the string for that value but I don't know how to escape it. I would prefer escaping it in MYSQL.

    If I escape it in MySQL can it still be exploited as SQL injection even if no error is generated and the insert works fine?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Insert data into MySQL database from Android app. Changes not reflected in database
One query to insert multiple rows with multiple columns
how to insert data in mysql( wamp) database through php?
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '''')' at line 2
How to insert form data into MySQL database table
SQL query INSERT not working inserting values into my DB
Syntax error with IF EXISTS UPDATE ELSE INSERT
php run once and insert twice in mysql database
Mysql get last id of specific table
Inserting html code in a mysql table