i have tried escaping the qurey string and the $variable containing the apostrophe using the mysqli_real_escape_string the variable value is coming form the database. i am getting the following error.
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use
near '\'Shamrock Rovers%\' AND away_team like \'St Patrick's Athletic%\'' at line 1
the apostrophe is not geiiting escaped byt the quotes around the comparison vales is.
here is the query as it appers in the PHP file:
$homeTeam = filter_input(INPUT_GET, 'homeTeam', FILTER_SANITIZE_STRING);
$homePlayers = "select * from players where team_name like $homeTeam";
$homePlayers = mysqli_real_escape_string($dbc, $homePlayers);
$homePlayersResult = mysqli_query($dbc, $homePlayers);
And echoed out to the browser:
select * from players where team_name like Shamrock Rovers
I have tried it a number of different ways with no variation in results i feel i am overlooking something simple. Thanks in advance.
Aucun commentaire:
Enregistrer un commentaire