[Mysqli_Real_Escape_String Problem]

thank you larry 

 

$fn = mysqli_real_escape_string($conn,trim($_POST['first_name']));

 

this is the code , when i input last name like : larry']  or larry" , is register in database with ' and " .

[Mysqli_Real_Escape_String Problem]

YES .

[Mysqli_Real_Escape_String Problem]

hello larry !

 

i learn your book 4,

in ensuring Secure SQL chapter i write like your example but the mysqli_real_escape_string is not working i do everything like you connecto to database with require ('include/mysqli_connect.php'); // Connect to theand i input name like kali' and i input like fister"-* . but i find him in localhost like this name and i print him in view user i find him like i write .