Handling Apostrophes using PHP/MySQL?

Question:

David W

2008-05-23 06:27:57 UTC

Hello, what do you think is the best way to handle apostrophes in PHP/MySQL?

I’m writing an adventure game and the user can enter text. If they enter text with an apostrophe I need to strip this out or I get MySQL errors. Ideally I want to escape the apostrophe so it gets stored in the table and then when it’s retrieved the code recognises an escaped apostrophe and displays it correctly

How would you handle the input from the user and then display it back again?

Thanks!

Three answers:

anonymous

2008-05-23 06:31:34 UTC

mysql_real_escape_string($qry) - going in

stripslashes($result) - coming out

newlb4u

2008-05-24 10:07:17 UTC

I agree with the chap above. doing a simple replace of the ' with '' tells sql that you are including an apostrophe in your text. I guess, at a puch you could stop them entering it altogether. Most people when typing into a game don't generally use correct gramma so it may be wise to strip it out altogether.

Good luck with the game.

L

anonymous_person_1337

2008-05-23 15:06:34 UTC

I don't know about MySQL exactly, but I know that in Firebird (another open source DBMS), if you replace a single quote with TWO single quotes in a row, it'll escape it properly AND save the apostrophe properly in the database.

Try it out, and see how it works.

ⓘ

This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.

about - legalese

Loading...