A
Anonymous
Guest
try the following 2 sql queries and you will see what I mean:
now, the addslashes prevents the ' from causing errors in the mysql statement,. but the / returns an error in the mssql query. How does one get aroudnt his in mssql?
Code:
$where = "users'";
$where = addslashes($where);
$sqlMY = "select * from $where";
$where = "orders'";
$where = addslashes($where);
$sqlMS = "select * from $where";
now, the addslashes prevents the ' from causing errors in the mysql statement,. but the / returns an error in the mssql query. How does one get aroudnt his in mssql?