How to insert special characters into a database

Question

Can anyone tell me how to insert special characters into a MySQL database  I ve made a PHP script which is meant to insert some words into a database  although if the word contains a   then it wont be inserted     I can insert the special characters fine when using PHPmyAdmin  but it just doesn t work when inserting them via PHP  Could it be that PHP is changing the special characters into something else  If so  is there a way to make them insert properly

User · Answer

var   mysql real escape string  data  amp  the base     result   mysql query  SELECT   FROM php bugs WHERE php bugs category like        var

User · Answer

insert data   mysql real escape string  input data     Assuming that you have the data stored as  input data

User · Answer

htmlspecialchars function is the best solution fellows  Today I was searching for how to insert strings with special characters and the google thrown so many Stackoverflow listings None of them provided me solution  I found it in w3schools page  Yes I could solve my problem by using this function like this    abc    POST  xyz      abc   htmlspecialchars  abc

User · Answer

You are most likely escaping the SQL string  similar to   SELECT   FROM  table  WHERE  column     Here s a syntax error     You need to escape quotes  like follows   SELECT   FROM  table  WHERE  column     Here  s a syntax error     mysql real escape string   handles this for you

User · Answer

For Example    parent category name   Men s Clothing Consider here the SQL query   sql category name    SELECT c    cd name  cd category id  as iid FROM    DB PREFIX    category c LEFT JOIN     DB PREFIX    category description cd ON  c category id   cd category id  WHERE cd name          this- gt db- gt escape  parent category name       AND c parent id  0       Error   Static analysis   1 errors were found during analysis   Ending quote   was expected   near    at position 198  SQL query  Documentation  SELECT c    cd name  cd category id as iid FROM oc category c LEFT JOIN oc category description cd ON  c category id   cd category id  WHERE cd name    Men s Clothing  AND c parent id  0 LIMIT 0  25  MySQL said  Documentation   1064 - You have an error in your SQL syntax  check the manual that corresponds to your MySQL server version for the right syntax to use near  s Clothing  AND c parent id  0 LIMIT 0  25  at line 1   Try to implement    this- gt db- gt escape  parent category name    The above method works on OpenCart framework  Find your framework  amp  implement OR mysql real escape string   in Core PHP  This will become Men  s Clothing i e  In my case   sql category name    SELECT c    cd name  cd category id  as iid FROM    DB PREFIX    category c LEFT JOIN     DB PREFIX    category description cd ON  c category id   cd category id  WHERE cd name          this- gt db- gt escape  parent category name       AND c parent id  0       So you ll get the clear picture of the query by implementing escape   as  SELECT c    cd name  cd category id as iid FROM oc category c LEFT JOIN oc category description cd ON  c category id   cd category id  WHERE cd name    Men  s Clothing  AND c parent id  0

User · Answer

Are you escaping  Try the mysql real escape string   function and it will handle the special characters

User · Answer

Probably  mysql real escape string    will work for u

User · Answer

use mysql real escape string  So what does mysql real escape string do   This PHP library function prepends backslashes to the following characters   n   r      x00   x1a      and      The important part is that the single and double quotes are escaped  because these are the characters most likely to open up vulnerabilities   Please inform yourself about sql injection  You can use this link as a start

User · Answer

You are propably pasting them directly into a query  Istead you should  escape  them  using appriopriate function - mysql real escape string  mysqli real escape string or PDO  quote depending on extension you are using

User · Answer

I put it here for future reference  After wasting 20 minutes i got a solution to put special characters to database  we do not have to use mysql real escape string  holdvalue  like that  we have to do this in this way   db- gt real escape string  holdvalue   Where  db is the databse connection details   db   mysqli connect DB SERVER  DB USERNAME  DB PASSWORD  DB NAME

User · Answer

Note that as others have pointed out mysql real escape string   will solve the problem  as will addslashes   however you should always use mysql real escape string   for security reasons - consider   SELECT   FROM valid users WHERE username   user  AND password   password    What if the browser sends  user  admin  OR  user     password     AND         The query becomes   SELECT   FROM valid users  WHERE username  admin  OR  user    AND password     AND         i e  the security checks are completely bypassed   C

User · Answer

Use this  htmlentities   POST  field       Enough only  This for special character   Use for CI htmlentities  this- gt input- gt post  control name

[php] How to insert special characters into a database?

Examples related to php

Examples related to mysql

Examples related to database

Examples related to insert

Examples related to special-characters