how to insert the value having double quotes in the database?

Question

insert into sent_message (user_id,subject,message,background_url,total_recipients,created_at) values ('115','Greeting','Hx z'xi','/images/default/1.jpg',2,'2015-07-23 10:48:41')

For the message column i have used the value with single quotes hence i got the insertion error....

And i tried to change the query as below but the output and the error is same. Ho to over come it.

SET QUOTED_IDENTIFIER ON GO insert into sent_message (user_id,subject,message,background_url,total_recipients,created_at) values ('115','Greeting','Hx z'xi','/images/default/1.jpg',2,'2015-07-23 10:48:41')

`addslashes` may help or escape the strings. – Sougata Bose Jul 23 '15 at 08:56 — Sougata Bose, Jul 23 '15 at 08:56
i want even single quotes to be inserted in the table. – Mani Kandan Jul 23 '15 at 08:57 — Mani Kandan, Jul 23 '15 at 08:57
to use *mysqli_real_escape_string()* is the trick – donald123 Jul 23 '15 at 09:03 — donald123, Jul 23 '15 at 09:03

score 3 · Accepted Answer · answered Jul 23 '15 at 09:25

Have you tried using prepared statements? This way you don't have to worry about adding the quotes in the values section; you use question marks instead as place holders.

You could then use addslashes to escape any double/single quotes when you pass your variables/strings to the execute method.

You didn't mention which database you're using, so I'm assuming MySQL?

Here is the PHP manual on prepared statements:

http://php.net/manual/en/mysqli.quickstart.prepared-statements.php

score 0 · Answer 2 · answered Jul 23 '15 at 11:43

0

The escape character for single quote (') is two single quotes (''). Thus Example:

Insert into SomeTable(TextField) Select 'Some ''single quotes inserted'''

Will yield:

Select TextField from SomeTable

Some 'single quotes inserted'

answered Jul 23 '15 at 11:43

Appleman

126
7

how to insert the value having double quotes in the database?

2 Answers2