How can I write text containing many special characters in the MSSQL database?

part of the text to be inserted:

("CoreFields / StringFields / Field [ReferenceName = 'System.AssignedTo'] / OldValue" = 'Semen Semen' OR "CoreFields / StringFields / Field [ReferenceName = 'System.AssignedTo'] / NewValue" = 'Semen Semen') AND

Tried to escape * * , tried mysql_real_escape_string

A syntax error always crashes.

  • 3
    mysql and mssql are "slightly" different things. however, in any case, it is worth using the parameters for queries, many such questions will be solved. - Yura Ivanov
  • perhaps it is worth serializing this line and putting it in BLOB, unless of course a search is performed on this field - YNY

1 answer 1

In order not to bother with screening, provide this exciting activity to the client library, use PDO and bindParam http://php.net/manual/ru/pdostatement.bindparam.php Or mysqli and mysqli_stmt_bind_param http://php.net/manual/ru/ mysqli-stmt.bind-param.php The latter did not work, but it should work.