mysql query with single quotes in a variable

Posted on 16th Feb 2014 07:03 pm by admin

$sitedetails = "INSERT INTO vars (address, sitename, description, ownername, theme) VALUES ('$url', '$sitename', '$description', '$ownername', '$theme') ";
mysql_query($sitedetails) or die(mysql_error()); // site details in mysql

If say $sitename = "scott nicol's blog"; - this will give me:
Code: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's blog test', 'scott nicol', 'scott nicol', 'default')' at line 1
I know it's due to the single quite in 'nicol's', how do I keep the quote, but stop this error?

Your Answer:

Login to answer

Other forums

Mail Form receiving emails with no content
Hi, I hope someone here can help me.
I have a simple form in my website, it was working OK, after

Simple Scraper... Weird Output
Okay, maybe I just need a Blue Monster and some sleep, but....

I'm scraping a ringtone site

need to add "sizes" to shopping cart
Hey guys, I am trying to figure out a way to add a "size" selector on to this bit of code.

default SAP userid
hi,, I just like to know if it is ok to use the default SAP user id (SAP*)?

Login Script Issues
I am using a script I got from http://phpsense.com/php/php-login-script.html in order to allow peopl

Stuck with preg_replace
Hi,

I'm trying to use preg_replace to remove part of the IP address submitted using a form on

SOAP Issue
Hi,

I am facing some understanding problem with SOAP basic.kindly recommend some SOAP expert.

 formating when pulling data from a mysql database 
Ok so Im not to sure if this is the right thread to post in but here is my catch 22 issue.

I 
Time script, set to my time zone? 
I am using this line to get the date and time

Code: $time = date(F." ".d.", &q
Coding question? 
Hey guys, I have a quick question.  If I want to make a way for people to pay for health in my game,