how do I add (using SQL) string that has the char '
I have many words that look like this- dsf'dfdf or dfsdf'
but when I'm trying to add them the query command thinks that the ' is the end of the string and then messes up everything after that.

for example-

$query = "INSERT INTO tbl (Id, courseName) ".

so if the $Name is "abc'def" the query thinks that the "def" part is SQL syntex and gives me errorssssssssss

I should also add that there's no way to change the string that needs to be inserted. there are thousands of records

7 Years
Discussion Span
Last Post by 54uydf

You have to escape the apostrophe with a backslash.
In PHP there is the function mysql_real_escape_string with adds all the necessary backslashes for feeding text into mysql.
The query must read:

INSERT INTO tbl (Id, courseName) VALUES(123,'Apostroph\'d name');

In PHP you have to make sure that the escape character itself gets escaped:

$query = "INSERT INTO tbl (Id, courseName) VALUES(123,'Apostroph\\'d name')";

ok, but I'm not writing a query for every word I want to insert..
I'm moving many records from 1 db to another.. so in the loop my $Name string gets a word each time and needs to insert it.

maybe I need to write a little function that replaces all the ' with \\'
that's the only idea I have at the moment. but then, I'll still have the ' in the update query!

Edited by 54uydf: n/a


To move records from database A to database B just use this:

insert into B (column1, column2) select column_1, column_2 from A

That way you don't have to tackle any special characters.
Since you seem to be using PHP you don't have to write that "little function" yourself but you can use mysql_real_escape_string (as I told you already).

$query = "INSERT INTO tbl (Id, courseName) VALUES('$Id','"  . mysql_real_escape-string($Name) . "')";

I'm not exactly copying db A into db B..
it's more of an update of db A. I add records from B that aren't in db A already and update those in A that have difference in some of the values (but have the same key in A and B)
I will try to use mysql_real_escape-string()

thank you very much!

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.