Code Forums - View Single Post

abc123 · 03-28-2003, 01:33 PM

i posted it up there

replace all instances of <'> in your strings with <''>

i.e:

Code:

$one = "hello there's a cat in my hat";
#becomes...
$two = "hello there''s a cat in my hat";

then no malicious sql can run.

03-28-2003, 01:33 PM	#13 (permalink)
abc123 bloomberg Join Date: Jun 2002 Location: bloomberg Posts: 263	i posted it up there replace all instances of <'> in your strings with <''> i.e: Code: $one = "hello there's a cat in my hat"; #becomes... $two = "hello there''s a cat in my hat"; then no malicious sql can run. __________________ -- bloomberg.