A ' in a MySQL message

I am a problem that has turned out to be very serious for me. It’s the following:
I have a very usual PHP script that is supposed to access a MySQL database and delete what people can enter into a form before. This works perfectly, until someone had the idea to put a ’ into the form. Since the MySQL commands look something like this:
DELETE FROM sprachen WHERE (German = ‘$Germandel[$i]’)
the ’ ends the command and stops the whole thing from working.
Any idea what I can do? This really buggs me.

Thanks in advance,

Use addslashes when querying your database, or mysql_escape_string.

OR, you can filter out apostrophes completely when someone posts and convert them to a character entity.

$Germandel = addslashes($Germandel);
$Germandel = mysql_escape_string($Germandel);


$Germandel = str_replace("’", “’”, $Germandel);

Hope that helps.

also look at mysql_real_escape_string()

also look at mysql_real_escape_string()

Think we got it the first time Lig! :o

Thanks a lot everyone. I got it figured out by converting all the ’ into ASCII (I think this is ascii…?) commands and now it works perfectly. Thanks to everyone for the help.


Oops - :oops: - didn’t know I did that.

Sponsor our Newsletter | Privacy Policy | Terms of Service