Hi.
For some reason the real_escape_string is not working.
Here is a function that doesnt seem to work.
function add_mail(){
$host = "";
$user = "";
$pass = "";
$database = "";
//this function assigns correct values to the variables to access the database.
get_variables_db2($host, $user, $pass, $database);
$db = new mysqli($host, $user, $pass, $database);
$first_var = "How is ever'thing?";
$second_var = "I go tomorrow-- and it will be f'un";
$third_var ="Hello world.";
$first_var = $db->real_escape_string($first_var);
$second_var = $db->real_escape_string($second_var);
$third_var = $db->real_escape_string($third_var);
$query = ("insert into mail(title, email, content) values('".$first_var."','".$second_var."','".$third_var."')");
$result = $db -> query($query);
$db->close();
}
If it was working, the real_escape_string would convert for example $first_var into:
How is every\'thing?
Right? Well it is not working.
Im using innodb type of database and utf_general_ci charset.
Suggestions please.