mysql_real_escape_string and ’

Question

I'm using mysql_real_escape_string to escape a string before inserting it into my mysql database.

Everything's working fine, except that the character ’ is getting missed and turned into ’ by mysql.

What can I do to get solve the problem? Should i be using a better function to escape the string?

I'm also worried that other charachters might be getting missed and being similarly turned into nonsense!

Please help!

Thanks :)

Answer 1

The character ’ is not getting missed, it is simply a character that is not used by mysql for encasing strings, and does not need to be escaped.

The reason it is turning into that strange string is because it is a multi-byte character, and you are putting it into a single byte field.

Answer 2

You should be using prepared statements with bind variables instead: http://php.net/manual/en/pdo.prepared-statements.php This way you don't have to worry about escaping anything. The advantages are mentioned in the documentation I linked to.

Answer 3

mysql_real_escape_string() simply escapes a handful of characters (using \'s) to make them "safe" to shove into your query. You appear to have an encoding mismatch with your data (the styled quote) and your column encoding type. mysql_real_escape_string will never resolve that kind of issue.

Answer 4

Is that a fancy quote? If so, it probably looks like gibberish in your database due to character encoding differences. Each table has an associated character encoding, and the connection has its own encoding.

Try executing "SET NAMES utf8" before your query. That will set the encoding of the connection to UTF-8. Of course, if you are trying to store UTF-8 characters into, say a latin1 table, you will still not get the result you expect.