0

iam working with zend 2. Now i want to insert a data which contain single quotes( for eg: application's name). 

use Zend\Db\Table\AbstractTable;
class ApplicationTable extends AbstractTable {
   protected $_name = "application";
   public function addAlbum($data) {
     $this->insert($data);
   }
}

I am using the above code and it shows a syntax error. How can i escape single quotes while processing the query? Somebody please help...

웃웃웃웃웃
  • 11,829
  • 15
  • 59
  • 91
Science
  • 137
  • 2
  • 16
  • what error you are getting? – Praveen D Oct 12 '13 at 06:21
  • SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's name' ORDER BY `application_name` ASC' at line 1 – Science Oct 12 '13 at 06:24
  • Use quote method in zend and pass inputs to quote method.It will escape the input with proper quotes. – 웃웃웃웃웃 Oct 12 '13 at 06:26
  • Iam sorry.I am not familiar with the quote method.Will you please explain how can I use it in the above function? – Science Oct 12 '13 at 06:35

1 Answers1

-1
Pass the datas before Inserting 
     Use mysqli_real_escape_string:
  mysqli_real_escape_string($mysqliObj,'application's name') or  
  mysql_real_escape_string('application's name') to escape the quotes
Nandakumar
  • 1,071
  • 2
  • 11
  • 30
  • Unfortunately, the `mysql_` and `mysqli_` string escape functions won't necessarily work when accessing the database through Zend, because these functions need a database connection to have been established through the relevant `mysql_` and `mysqli_` connection functions. See http://stackoverflow.com/questions/8685853/mysql-real-escape-string-with-zend – Gus Oct 12 '13 at 08:12