Attempting to update a database with the height of a person. I've tried every variation of mysqli_real_escape_string, addslashes and even str_replace in an attempt to update the database with a single and double quote. Let's assume a person 6' 1". How can I upload this value into a database?
$height = '6\' 1"';
$height = mysqli_real_escape_string($mysqli, $height);
$sql = "INSERT INTO persons (height) VALUES ('$height')";
The result returned in the db, when I do get results, is always the same:
6' 1"
Would it be better to simply accept that it updates this way as my html page will render (6' 1") instead of (6' 1") or is there a better or safer way to update my database?
No comments:
Post a Comment