HTML Special Character #39 – The Apostrophe: In this article, Thomas Shaw shows screenshots of different job sites taken just after entering the word “you’ll” into their search forms.
If you do not encode special characters submitted through web forms, you risk breaking the search query or allowing malicious code to be inserted into the database.
Tip: In PHP, always use the mysql_real_escape_string function to sanitize data.
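The apostrophe problem described above, as an added example that is not code from the original post: the same search for "you'll" run as a concatenated query, an escaped query, and a prepared statement. Because mysql_real_escape_string was removed in PHP 7.0, the sketch uses PDO instead. It assumes the pdo_sqlite extension, and the table, rows and function names are constructed for illustration.

```php
<?php
// Added example with constructed data: in-memory SQLite via PDO.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE jobs (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO jobs (title) VALUES ('Writer: you''ll love this role')");
$db->exec("INSERT INTO jobs (title) VALUES ('Database administrator')");

$term = "you'll"; // the search word used in the article

// 1. Raw concatenation: the apostrophe closes the string literal early,
//    so the database receives ... LIKE '%you'll%' and rejects it.
function searchRaw(PDO $db, string $term): array
{
    $sql = "SELECT title FROM jobs WHERE title LIKE '%" . $term . "%'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// 2. Escaped: PDO::quote() escapes the apostrophe for this driver and
//    adds the surrounding quotes itself.
function searchQuoted(PDO $db, string $term): array
{
    $sql = 'SELECT title FROM jobs WHERE title LIKE ' . $db->quote('%' . $term . '%');
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// 3. Prepared statement: the value travels separately from the SQL text,
//    so no character in it can change the query structure.
function searchPrepared(PDO $db, string $term): array
{
    $stmt = $db->prepare('SELECT title FROM jobs WHERE title LIKE :pattern');
    $stmt->execute([':pattern' => '%' . $term . '%']);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

try {
    searchRaw($db, $term);
    echo "raw query ran\n";
} catch (PDOException $e) {
    echo "raw query broke: ", $e->getMessage(), "\n";
}
print_r(searchQuoted($db, $term));
print_r(searchPrepared($db, $term));
```

The raw variant fails with a syntax error, while the quoted and prepared variants both return the matching job title; the prepared form is the one to prefer because it does not depend on remembering to escape every value.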
Is there any predefined method in Ruby like “mysql_real_escape_string” in PHP?
June 8, 2009 at 4:44 pm uma mahesh varma
Hi Uma, I think you can use escape_string() or quote().
I’m not familiar with Ruby. But a little googling, and I found this link: http://www.tmtm.org/en/mysql/ruby/
June 10, 2009 at 4:19 pm Syam Kumar R