Firstly, thanks to everone who replied so fast!!
> I have an annoying problem, that I just haven't been able to get around yet. When I parse the
> input from a form and go to insert it eveything works fine as long as the user doesn't use
> the ' character in the input. I've tried using qw{} and qq{}, which either don't interpolate
>> or give me errors. Anyone have any suggestions? Postgres 6.4, Apache 1.3, mod_perl 1.16.
>> The insert statement is below.
>escape your imput strings first...something like:
a number of people suggested something like:
>$phone_number =~ s/'/\\'/g;
Ok, I tried this - it does what it looks like is supposed to. If I enter:
John's shoes, I get John\'s shoes. Unfortunatly I still get an error. If i enter it
as John's shoes' ,I dont get an error. Seems like it only likes them in pairs. The funny thing is if
I supply them in pairs, it inserts the whole string, I'd have thought that it would parse them
or something, and only insert the values between the '.
Ken