How do I insert a value that has double quotes in the database?
insert into sent_message (user_id,subject,message,background_url,total_recipients,created_at) values ('115','Greeting','Hx z'xi','/images/default/1.jpg',2,'2015-07-23 10:48:41')
For the post column, I used a single quoted value, so I got an insert error ...
And I tried to modify the query as below, but the output and error are the same. Ho to make it happen.
SET QUOTED_IDENTIFIER ON GO insert into sent_message (user_id,subject,message,background_url,total_recipients,created_at) values ('115','Greeting','Hx z'xi','/images/default/1.jpg',2,'2015-07-23 10:48:41')
+3
source to share
2 answers
Have you tried using prepared statements? This way, you don't have to worry about adding quotes in the values ββsection; instead, you use question marks as placeholders.
Then you can use addslashes
to escape any double / single quotes when passing variables / strings to the execute method.
You didn't mention which database you are using, so I'm assuming MySQL?
Here is the PHP instruction for prepared statements:
http://php.net/manual/en/mysqli.quickstart.prepared-statements.php
+3
source to share