Escaping special charchters in Select statement SQL PHP -
how escape column' special characters in sql select statement.
i have sql select statement , column account_name has values contains special characters, gives me error doesn't escape special characters.
select * business relationship account_name ='$account_name'
don't utilize of mysql extension commands, obsolete , not recommended anymore.
use pdo , prepared atatements.
http://php.net/pdo
$name = '$somethinghere'; $stmt = $db->prepare("select * business relationship account_name = :name"); $stmt->bindvalue(':name', $name, pdo::param_str); $stmt->execute(); $rows = $stmt->fetchall(pdo::fetch_assoc); php sql
No comments:
Post a Comment