htmlspecialchars doesn't work with prepare(query)


I'm trying to make a query with PHP, but my apostrophes are automatically converted to #039; by $repBdd, so the query doesn't work. However, when I echo it, the ' characters are what is displayed.

Do you know how to fix this?

```php
// $bdd is an existing PDO connection (not shown in the question)
$pseudo = addslashes($_GET['pseudo']);
$mdp = addslashes($_GET['mdp']);

$query = "select * from utilisateur where pseudo='".$pseudo."' and motdepasse ='".$mdp."'";
echo(htmlspecialchars($query));
$repBdd = $bdd->prepare(htmlspecialchars($query, ENT_QUOTES));
$repBdd->execute();
$result = $repBdd->fetch();
$repBdd->closeCursor();
```

There is 1 answer below

Jumper d'enfer

I recommend you only use htmlspecialchars on $pseudo and motdepasse; you can't use it on the whole query without breaking the request.

Also, you can use filter_input directly on $_GET['yourData'].
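The rewrite below is an added example, not code from the question or the answer. It takes the answer's point one step further: htmlspecialchars is an HTML output encoder and has no place in SQL at all, and with PDO bound parameters neither addslashes nor any other escaping of $pseudo or $mdp is needed, because the values never become part of the SQL text. It runs against an in-memory SQLite database (assumption: the pdo_sqlite driver is installed) with a constructed table, row and inputs, and it also replaces the plaintext password comparison in the WHERE clause with password_hash/password_verify, which the original code does not do.

```php
<?php
// Added example, not code from the original question or answer.
// Assumes PDO with the pdo_sqlite driver; the table, the row and the two
// test inputs below are constructed for the demonstration.
$bdd = new PDO('sqlite::memory:');
$bdd->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$bdd->exec("CREATE TABLE utilisateur (pseudo TEXT, motdepasse TEXT)");
$bdd->prepare("INSERT INTO utilisateur (pseudo, motdepasse) VALUES (:p, :m)")
    ->execute([':p' => "O'Brien", ':m' => password_hash('secret', PASSWORD_DEFAULT)]);

// Bound parameters: the SQL text is fixed and the values travel separately,
// so a quote inside $pseudo is just data. No addslashes, no htmlspecialchars.
function findUser(PDO $bdd, string $pseudo): ?array
{
    $rep = $bdd->prepare("SELECT pseudo, motdepasse FROM utilisateur WHERE pseudo = :pseudo");
    $rep->execute([':pseudo' => $pseudo]);
    $row = $rep->fetch(PDO::FETCH_ASSOC);
    $rep->closeCursor();
    return $row === false ? null : $row;
}

// Verify the password against the stored hash in PHP instead of comparing
// a plaintext motdepasse column in the WHERE clause.
function login(PDO $bdd, string $pseudo, string $mdp): bool
{
    $row = findUser($bdd, $pseudo);
    return $row !== null && password_verify($mdp, $row['motdepasse']);
}

// The question's pattern, shown only to display the SQL it would produce:
// addslashes + concatenation, then htmlspecialchars(..., ENT_QUOTES), which
// rewrites every ' as &#039; so the statement no longer matches (or parses).
function queryTheQuestionWouldSend(string $pseudo): string
{
    $query = "select * from utilisateur where pseudo='" . addslashes($pseudo) . "'";
    return htmlspecialchars($query, ENT_QUOTES);
}

$inputs = ["O'Brien", "' OR 1=1 --"]; // a legitimate name and an injection attempt
foreach ($inputs as $pseudo) {
    printf("input %-14s bound params => %s\n", var_export($pseudo, true),
        findUser($bdd, $pseudo) !== null ? 'match' : 'no match');
    echo "  SQL the question would send: " . queryTheQuestionWouldSend($pseudo) . "\n";
}
echo "login O'Brien/secret: " . (login($bdd, "O'Brien", 'secret') ? 'ok' : 'refused') . "\n";
echo "login O'Brien/wrong:  " . (login($bdd, "O'Brien", 'wrong') ? 'ok' : 'refused') . "\n";

// htmlspecialchars belongs here, at output time, when a value is written into HTML.
echo "<p>Bienvenue " . htmlspecialchars("O'Brien", ENT_QUOTES, 'UTF-8') . "</p>\n";
```

With bound parameters the name O'Brien matches and the string `' OR 1=1 --` is looked up literally and finds nothing; the apostrophe problem from the question disappears because the driver, not string concatenation, carries the value to the database. Encode with htmlspecialchars only at the point where the value is rendered in a page.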