Error

Hello,

I have a problem in one of my application related to MySQL queries. After inserting values in the form, there is need to add entries in another tables also. To add these extra entries on after insert event, I need to write SQL quires manually.

When I test this form with different values, I have few values which has a single quote in the string, e.g. “St. Josed father’s institute.” In this string there is single quote so it is giving error:


Error
Error while accessing the database:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'St. Josed father's institute' at line 1
select a, b, c from foo where bar = 'St. Josed father's institute'

I removed this error by adding “mysql_real_escape_string()” function. This function replaces single quote (’) to slash and single quote (’). That is how this problem is solved.

Now my real problem is that,

  1. when I load this inserted value in a grid field, it loads with slash and single quote (’) not just single quote. Is there any inbuilt options that eliminate this slash character.
  2. In one grid form there is SQL query to load this data, in that query there is WHERE statement which requires this field. So the query becomes, "SELECT a, b, c FROM foo WHERE bar = ‘St. Josed father’s institute’; " so this is another problem.

Thank You.

Not sure, but try to use the php function ‘addslashes’ before writing to the database.

This select select a, b, c from foo where bar = ‘St. Josed father’s institute’ is wrong.
http://dev.mysql.com/doc/refman/5.0/en/string-literals.html here you should be able to find your solution.