The best way to store &(Ampersand) in MySQL database

Question

I\'m building a category list and I\'m unsure how to store the Ampersand symbol in MySQL database. Is there any problem/disadvantage if I use \'&\'. Are the

Answer 1

We store '&' into database fields all the time, it's fine to do so (at-least I've never heard an argument otherwise).

If you're only ever using the string in a HTML page you could just store the HTML safe & version I suppose. I would suggest that storing '&' and escaping it when you read it would be better though (in-case you need to use the string in a non-HTML context in the future).

Answer 2

Storing it as & is an appropriate method. You can echo it or use it in statements as &.

Answer 3

Use & if you want to have a valid HTML or avoid problems, like cut&copy (browser shows it as cut©).

Answer 4

Using '&' saves a few bytes. It is not a special character for MySQL. You can easily produce the & for output later with PHP's method htmlspecialchars(). When your field is meant to keep simple information, you should use plain text only, as this is in general more flexible since you can generate different kinds of markup etc. later. Exception: the markup is produced by a user whose layout decisions you want to save with the text (as in rich-text input). If you have tags etc. in your input, you may want to use & for consistency.

Answer 5

You should store it as & only if the field in the DB contains HTML (like <span class="bold">some text</span> &amp; more). In which case you should be very careful about XSS.

If the field contains some general data (like an username, title... etc) you should only escape it when you put it in your HTML (using htmlentities for example).