Quick one for the brainboxes!

Hi I’m making sql queries online in a browser text box and my quotes " get converted to " causing an issue, non render, my query is something like numberofcars.yellowcars<“5”

any ideas?:wink:

What are you using? PHP/MySQL?
Are you doing anything to the value inserted in the form field before using it in the query?

if he’s not, he’s a prime target for sql injection

i suspect that he’s html-encoding the actual query string