[TYPO3-english] exec_INSERTquery escaping single quotes
Xavier Perseguers
typo3 at perseguers.ch
Wed Mar 11 14:49:39 CET 2009
Hi,
> Hey I'm making a custom extension where user's need to enter some data
> into input fields. I then use the function exec_INSERTquery to write
> that data into the database. The problem i'm having is when someone
> enters something like: Tom's title (notice the ' char).
>
> That value gets saved like Tom\'s title into the database and gets
> displayed like that in the FE.
You are double-escaping your string somewhere. You should not see any
garbage escaped character such as \' in your database. If you see it
there, it's already too late!
--
Xavier Perseguers
http://xavier.perseguers.ch/en/tutorials/typo3.html
More information about the TYPO3-english
mailing list