www.hkvforums.com


https://www.hkvforums.com/

How to escape single quote in SQL?

https://www.hkvforums.com/viewtopic.php?t=58733

Page 1 of 1

How to escape single quote in SQL?

Posted: Wed Apr 03, 2024 8:39 am
by clphpmak

I'm using the Page_Unload in list page and insert some user date between table so it fills in First, Last, Email Address etc.

I have a variable

$FIRST_NAME = CurrentUserInfo("first_name");

And insert it into another table. The problem is if user enter something like Mark's or other single quotes.

I tried $FIRST_NAME = mysqli_real_escape_string($FIRST_NAME); did not work.

Is there something that PHPMaker can do to sanitize?

Thank you

Re: Best way to escape single quote

Posted: Wed Apr 03, 2024 10:15 am
by mobhar

There are some tricks to do it, you may Google "php escape single quote".

Re: How to escape single quote?

Posted: Wed Apr 03, 2024 10:30 am
by arbei

If you use v2024, you may simply use ORM.

All times are UTC+08:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited