I have a file that contains both single quote(') and double quote("). There is a field in database where i am saving the content of the file.
Now, the problem arises in the SQL query as ' and " conflicts with each other. There is ' quote in SQL query and file content has their own. So, they are conflicting. How can i handle this?
Here is the code which i am trying to do:
$filename = "folder/file.txt";
$file_content = file_get_contents($filename);
$sql = 'INSERT INTO table (content)
VALUES ('.$file_content.')';
if ($conn->query($sql) === TRUE) {
echo "value submitted";
}else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
Please help.
Escape the string before inserting with the help of mysql_real_escape_string method.