Apostrophe

[Manny]

First thing first, I will give you two links to show what my problem is.WORKING PAGENON WORKING PAGEOn both pages, look in the right hand column, underneath the related stories. On the first link it works fine but on the second it says the search could not be completed.The "?id=" number brings a name out of the database (ie. Kevin Nolan or Andy O'Brien). The working page is Kevin Nolan, but Andy O'Brien doesn't work and I believe this is because there needs to be a slash (ie Andy O\'Brien).How would I go about putting this "\" in without it appearing in the display where the name is on show.

[justsomeguy]

What does your code to get the result from the database look like? You can probably use mysql_real_escape_string to escape any characters like that.

[Manny]

The digit after the "?id=" in the URL retrieves a name from the database which is stored in the variable "$name", which you can see in the query below.Here is the SQL query that I use.

$sqlstatement = " SELECT * FROM `search` WHERE `Keywords` LIKE CONVERT( _utf8 '%$name%' USING latin1 ) COLLATE latin1_swedish_ci ORDER BY `search`.`ID` DESC ";$sql_result = mysql_query($sqlstatement,$connection) or die("<BR /><BR /><span class=\"c3\">Your search request could not be completed.</span>");//variableswhile ($row = mysql_fetch_array($sql_result)){//Table rows and variables//OUTPUT}

I've heard about the mysql_real_escape_string and have read up on it on the W3Schools website but cannot integrate it into my solution

[justsomeguy]

$sqlstatement = " SELECT * FROM `search` WHERE `Keywords` LIKE CONVERT( _utf8 '%" . mysql_real_escape_string($name) . "%' USING latin1 ) COLLATE latin1_swedish_ci ORDER BY `search`.`ID` DESC ";

[Manny]

Thank you very much sir! Worked a treat!