php - insert sql {"title": {...}} - escape?

View Original

I'd like to insert the following to my database:

"INSERT INTO `table` (`column1`, `column2`, `column3`) VALUES (1, 2, '{"title": {"abc1":def","abc2":"def2" ...}}')";

How can I achieve that? I guess I have to escape the string but I haven't figured it out yet.

Answer

Solution:

Prepared statements is what you want.

  $stmt = $pdo->prepare('
Insert Into
    table
SET
    column1=:col1Val,
    column2=:col2Val,
    column3=:col3Val
';
  $stmt->execute([
    ':col1Val'=>'Value',
    ':col2Val'=>$someVar,
    ':col3Val'=>'{"title": {...}}'
  ]);
if($stmt->rowCount() > 0){
    echo 'Row Inserted<br>';
} else {
    echo 'Row Not Inserted<br>';
}

Answer

Solution:

for example

Insert Into Person_Table (Firstname,Lastname,Age) Values ('Sahand','Golpour',25)

Use quotation marks only for the string data type

Source
© 2021
E-mail: contact@webdevask.com
Back to top