Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

mysql escaping single and double quotes

Tags:

sql

php

mysql

I have a script that i am writing to move certain fields to a new db like 

$results = mysql_query ( "SELECT body, title  FROM $source_db.Post" );
while ($row = mysql_fetch_array($results)) {
if(mysql_num_rows($users_result) > 0){
    $insert = "INSERT INTO wp_posts (`body`,`title`) VALUES ('{$row['body']}', '{$row['row']}')";
    mysql_query($insert);
    }
}

but as you can see the query will break everytime due to the single and double quotes, is there a solution to this problem like herdok or something

INSERT INTO wp_posts (`body`,`title`)
            VALUES
                ('Here are the final returns from today's ...<br /><br />he stayed home...<br />
<div class="entry-content">
<div class="entry-body">', 'something')
like image 541
Matt Elhotiby Avatar asked Dec 06 '25 08:12

Matt Elhotiby

1 Answers

mysql_real_escape_string is made for just this.

PHP: mysql_real_escape_string

$insert = "INSERT INTO wp_posts ('body','title') VALUES ('".mysql_real_escape_string($row['body'])."', '".mysql_real_escape_string($row['row'])."')";
like image 62
Michael Irigoyen Avatar answered Dec 07 '25 21:12

Michael Irigoyen
Sign in to Comment

Related questions

How do I allow mobile users to bypass the redirect?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!