In my database, I have a column named storeName with a value called Joe's Kitchen.
When user enters Joe's Kitchen, I would store it in a variable named storeName and do a select query on it like this: "SELECT * FROM shops WHERE storename='".$storeName."'". Problem now is that the value contains apostrophe, how should I go about this ?
I have tried the method below but it is not working
$storeName = mysqli_real_escape_string($db->getConnection(),$_POST["storeName"]);
Aucun commentaire:
Enregistrer un commentaire