Home/ Questions/Q 6361463
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-24T23:46:51+00:00

Why do I get an error when I add ‘ to the end of

  • 0

Why do I get an error when I add ' to the end of a URL? For example : http://mywebsite.com/singel?id=24'

I get the following error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\' LIMIT 1' at line 1

This is shown everywhere if I put ' after any id in the query string.

What is wrong, and how it can be fixed?
Thank you.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You are inserting a non-escaped variable in an SQL query. And if this variable happens to contain SQL special chars, this can cause SQL syntax errors or worse.

    You need to escape your variables before inserting them in your SQL queries.

    Example:

    $query = "SELECT * FROM users WHERE id = " . mysql_real_escape_string($id);

    Instead of (this is WRONG, don’t do this):

    $query = "SELECT * FROM users WHERE id = $id LIMIT 1";

    If $id is 24', the query becomes:

    $query = "SELECT * FROM users WHERE id = 24' LIMIT 1";

    As you can see, there is a ' after 24, which is a syntax error.

    • 0