Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am creating a messaging system but the problem I face is that when users try and enter certain characters like ‘ into the message, the database doesnt want to allow it.
Any idea what this is?
This is called SQL injection. Basically, by not handling your user input properly, you’re allowing anyone and everyone to execute arbitrary SQL statements (not good!). If you search for ‘SQL Injection’, you’ll get tonnes of resources.
For starters, have a look at this question: How can I prevent SQL injection in PHP?