[icra]

Quote:

Originally Posted by Vince If that symbol appears in your actual table then you did something wrong. Escaping is done only on special characters to prevent syntactical errors.

Nope,

mysql_real_escape_string puts a \ before ', "escaping it". In this way, the query won't recognize it as the end of the argument.

Example:

string = "Hit 'Em Up"

mysql_real_escape_string(string, result);

result = "Hit \'Em Up"

I think he needs displaying "result" as string, but if he's reading it from the query he'll have only "result". This means he haves to remove "\" character.

You can easily do a command like:

Код:

mysql_real_unescape_string(string[], result[]) {
   if(strcmp("\",result)) {
     // ... removes \ from the string.
   }
}

I'm not sure "\" character can be read from strcmp.