In PHP-script i need to update title, content fields. If I put "@" into content I get error "Description: Incorrect syntax near '@'." I fixed with symbols ' ". Is there any solution for escaping or framework for DB layer?
I'm forced to use f**ng MS SQL :(
Code:
$conn = new COM ("ADODB.Connection")
$db_conn = $conn->open('bla-bla-password...');
$query = sprintf( "UPDATE page SET title='%s', page_content='%s' WHERE id=%d;", addslashes($title), addslashes($content), intval($id));
$rs = $db_conn->execute($query);
