• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 421
  • Last Modified:

Remove apostrophe from search query

Search feature on website throws an error if they put in an apostrophe. How do I clear it out?

$Search = $_GET['SearchString'];
       $query="SELECT * FROM Content WHERE PageContent LIKE '%".$Search."%' OR PageTitle LIKE '%".$Search."%'";
0
katlees
Asked:
katlees
1 Solution
 
Chris StanyonCommented:
Here you go.


$Search = $_GET['SearchString'];
$Search = str_replace("'", "", $Search);

Open in new window

0
 
katleesAuthor Commented:
Perfect - Thanks.
0
 
data_n_pokerCommented:
I think it would be more appropriate to add a \ to there string so they can still search for the apostrophe.  And this allows sql to interpret the apostrophe as a character r in the string.

$Search = $_GET['SearchString'];
$Search = str_replace("'", "\'", $Search);

Open in new window

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now