Tools, FAQ, Tutorials:
Quoting Text Values in PHP
How To Quote Text Values in SQL Statements in PHP?
✍: FYIcenter.com
Text values in SQL statements should be quoted with single quotes ('). If the text value contains a single quote ('), it should be protected by replacing it with two single quotes (''). In SQL language syntax, two single quotes represents one single quote in string literals. The tutorial exercise below shows you two INSERT statements. The first one will fail, because it has an un-protected single quote. The second one will be ok, because a str_replace() is used to replace (') with (''):
<?php include "mysql_connection.php"; $notes = "It's a search engine!"; $sql = "INSERT INTO fyi_links (id, url, notes) VALUES (" . " 201, 'www.google.com', '".$notes."')"; if (mysql_query($sql, $con)) { print(mysql_affected_rows() . " rows inserted.\n"); } else { print("SQL statement failed.\n"); } $notes = "It's another search engine!"; $notes = str_replace("'", "''", $notes); $sql = "INSERT INTO fyi_links (id, url, notes) VALUES (" . " 202, 'www.yahoo.com', '".$notes."')"; if (mysql_query($sql, $con)) { print(mysql_affected_rows() . " rows inserted.\n"); } else { print("SQL statement failed.\n"); } mysql_close($con); ?>
If you run this script, you will get something like this:
SQL statement failed. 1 rows inserted.
⇒ Quoting Date and Time Values in PHP
⇐ Deleting Existing Rows in PHP
2016-10-19, 1384🔥, 0💬
Popular Posts:
Where to find tutorials on Microsoft Azure services? Here is a large collection of tutorials to answ...
How to start Docker Daemon, "dockerd", on CentOS systems? If you have installed Docker on your CentO...
How to read Atom validation errors at w3.org? If your Atom feed has errors, the Atom validator at w3...
How to send an FTP request with the urllib.request.urlopen() function? If an FTP server supports ano...
How To Remove Slashes on Submitted Input Values in PHP? By default, when input values are submitted ...