PDA

View Full Version : Solved: Prevent Sql injection in User Form



ChloeRadshaw
06-11-2009, 02:51 PM
I have a bunch of input boxes which I need to save down to the database.

Does anyone know how to escape text entered by a user (which might contain apostrophes)....

This should be fairly common.

I am using straight SQL to insert the data into the database - INSERT INTO MyTable Values(...)

ChloeRadshaw
06-13-2009, 02:16 AM
I ended up having just to escape single apostrophes