How can I allow " or ' in any of my form inputs and process it in php with out getting syntax error I dont know where to begin to start trying to fix it.
i would assume you would negate it. How would i go about negating " and ' in the inputs on the form. I have tried this
str_replace("\"","\\\"",str_replace("\'","'",$_POST['server_desc']))
it works for the " but not for ' how can i get it to work for both
Iam getting this error
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's Minecon, and won the award for \"Best PVP Server!\" LOLWeapons - Includes c' at line 23
Use mysqli_real_escape_string
mysqli::real_escape_string -- mysqli_real_escape_string — Escapes special characters in a string for use in an SQL statement.
Characters encoded are NUL (ASCII 0), , , \, ', ", and Control-Z.