I have a system where users contribute things, and once they are approved they're added to the database. However, recently users have been contributing things with double quotes (") inside them, and all of the content past the double quote is wiping out whatever was supposed to be put into the MySQL table. Here's the code:
$sth = $dbh->prepare("INSERT INTO ljokes(content,contribid
+) VALUES (?,?)");
has the contents to put inside the table in it. I've tried running it through these filters:
$editpage =~ s/\"/\\"/g;
$editpage =~ s/\"/\"\;/g;
But to no avail. Does anyone have any ideas on what's going wrong here?