Removing single quotes from variable

Well, then this should definitely work:


// Check for a description.
if (!empty($_POST['descr'])) {
    $descr = mysql_real_escape_string($_POST['descr']);
} else {
    $descr = FALSE;
    echo '<p><font color="red">Please enter a Description.</font></p>';

if ($descr) {
$query = "UPDATE brbox SET descr='$descr' WHERE id = $id";
echo $query; // these are just for displaying the query
exit(); // these will be removed in the final version

Hi Paul,

Again this still doesn’t seem to want to do it.
Could it be my server that doesn’t have the mysql_real_escape_string function installed?

I’ve tried using the method above you posted, but when I echo my query it still keeps the : isn’t , rather than(I assume) isn\'t .

How do I check if the mysql_real_escape_string is installed?

OK, this is odd.

I’ve tried:


$descr = "Just a Test Description. This isn't on the live site just yet. Just for testing.";
echo $descr;
$descr = escape_data($descr);
echo '<hr />';
echo $descr;


And it escapes it correctly: Just a Test Description. This isn\'t on the live site just yet. Just for testing., but not in my other script :frowning: Can’t think why.

If the function wasn’t available PHP would throw a fatal error. I can’t see any reason why it wouldn’t escape single quotes. Try the simplest test:

echo mysql_real_escape_string("Paul's test");

Please see my most recent post above.

It works, but not on the script I want it too :frowning:

Can I PM you the entire script decowski ? Many thanks for any further help.

Go on, then.

Many thanks, I have PM’d you.