I have a sql request and in firebug I have an error.
This is my sql request :
$sql = "UPDATE public.".$tableBDD." SET ".$champsDB." WHERE ".$idTable."='".$idUpdate."'";
And before that, I have this :
$champsDB.= $champs->nom.'=\''.addslashes($ligne[$i]).'\',';
So it should work because I add slashes in my string. But my error is :
Warning: pg_query(): Query failed: ERROR: syntaxe error on « hiver » LINE 1: ...M_ASK',annee_ref_c_amg='1958',nom_culture='Blé d\'hiver',dat...
And it shows the error on "d'\hiver" So I donc understand why because I shouldn't have an error with the quotes anymore.
Can someone help me please ?
In PostgreSQL you have to use pg_escape_string:
pg_escape_string() escapes a string for querying the database. It returns an escaped string in the PostgreSQL format without quotes. pg_escape_literal() is more preferred way to escape SQL parameters for PostgreSQL. addslashes() must not be used with PostgreSQL. If the type of the column is bytea, pg_escape_bytea() must be used instead. pg_escape_identifier() must be used to escape identifiers (e.g. table names, field names)