Form validation for an access database

OneSeventeen

I've got a form with text fields that are sent into an access database, and I want to make sure user input doesn't fubar my INSERT statements.
Currently the only thing I've noticed that really throws a wrench in the machine is single quotes ' When I look at the SQL statement after PHP assebles it, it looks like this:

INSERT INTO TblEmployees (Notes, Login, [Date]) VALUES ('I don\'t like single quotes', 'fskla01', '10/01/03');

If I don't use a single quote at all, the statement works perfectly, but when I use a single quote, even when preceded by a forward-slash, it throws back errors.

Is there a quick/easy way around this? I'm assuming ereg_replace(); ?

weekender

you'd probably want a backslash () not a forward (/)

or you can use addslashes()

OneSeventeen

my bad, I meant backslash ()

It actually looks like this:
SERT INTO TblEmployees (Notes, Login, [Date]) VALUES ('I don\'t like single quotes', 'fskla01', '10/01/03');

And the database still catches the quote thinking it is the end of a data set.

I'm assuming it is an access problem, because I've never had this problem at home with MySQL.

maxpup979

addslashes is your friend...🙂