Question
I have an app in PHP , I am getting first Name and last Name from several sources, (API's ,files etc)
Suppose I get Name like john', john", How I can save the name as it is in the Database, the '," could be at any place,The problem is that when I write query like
https://stackoverflow.com/questions/19544803
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianInsert into table values('".$a."');
so If $a contains name John' then the query becomes Insert into table values('John''); which is wrong,( 2 ' at the end) How to cater these scenario in PHP?
Solution
$string=mysqli_real_escape_string($connection,$string);
This function is used to create a legal SQL string that you can use in an SQL statement. The given string is encoded to an escaped SQL string, taking into account the current character set of the connection.
