Select query with htm code ' ' in data field

I have a mysql table with the following in a field 'Queen's'

a simplified version of my code:

$Loc = "Queen's";

$query = 'SELECT PRODUCT_LOCATION FROM PRODUCTS WHERE (PRODUCT_LOCATION LIKE \"%$Loc%\")';

$result = mysql_query($query);

The problem is that the html code within the $Loc is getting 'converted' to the display character so the query doesn't match anything.

I can't really change the html codes within the database as others use it and I don't know what implications changing the data might cause.

Any ideas how I can get the query to work correctly?

Thanks for any help.

 

If your problem is what I think it is, look at html_entity_decode:

http://php.net/manual/en/function.html-entity-decode.php

Also, if it what I think it is, you need to sanitise user input before putting it straight into a query otherwise someone could inject their own sql into your query.

 

Cheers for that very helpful. Unfortunately I have no control over the data in the DB.

 

What's in the database, Queen's or Queen's?

 

Rukbat second one : & # 3 9 ; s

Cheers

 

Then just html-encode $Loc before you use it in your query.