adnan khalid adnan khalid - 4 years ago 151
SQL Question

How to save string with single quote in database with mysqy_real_escap_string using PHP

I want to save string "thats'one" in my table columns, but I don't want to use

. So can anyone guide me regarding this how can I do that? I would like to appreciate. Many Thanks

Answer Source

Since Im seeing so many low quality comments here, here is a rough untested answer.

$query = "INSERT INTO table (Column) VALUES (?)";
$stmt = $mysqli->prepare($query);
$stmt->bind_param("s", $val1);
$val1 = "thats'one";

This presumes $mysqli is your connection object.

Additional links on the topic:
How can I prevent SQL-injection in PHP?

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download