PHP DB - addslashes replacement?

Author

addslashes replacement?

Ed Lazor

2004-06-30, 3:56 pm

I'm using php addslashes to store data into MySQL and php stripslashes when
pulling it back out, but I'm running into trouble when people enter HTML
code. Do you have any recommendations?

Here's an example of what I'm talking about :

<input name="Title" value="<?php echo stripslashes($Entry["Title"]);?>">

An error occurs if the entry has a value of:

this is a <font color="red"><b>test</b></font>. Are we having FUN yet?

Any ideas or recommendations?

Thanks,

-Ed

Kim Steinhaug

2004-06-30, 8:57 pm

Take a look at the php website on the function addslashes.
You will find an example with the functions reslash and reslash.
You might have some problems regarding magic_quotes.
Ive been using the reslash and deslash for some time now without
any problems.

It might solve your problems.

--
Kim Steinhaug
-------------------------------------------------------------------------
There are 10 types of people when it comes to binary numbers:
those who understand them, and those who don't.
-------------------------------------------------------------------------
www.steinhaug.com - www.easywebshop.no - www.easycms.no www.webkitpro.com
-------------------------------------------------------------------------

"Ed Lazor" <Ed.Lazor@d20News.com> wrote in message
news:php.db-35059@news.php.net...
> I'm using php addslashes to store data into MySQL and php stripslashes
when
> pulling it back out, but I'm running into trouble when people enter HTML
> code. Do you have any recommendations?
>
> Here's an example of what I'm talking about :
>
> <input name="Title" value="<?php echo stripslashes($Entry["Title"]);?>">
>
> An error occurs if the entry has a value of:
>
> this is a <font color="red"><b>test</b></font>. Are we having FUN
yet?
>
> Any ideas or recommendations?
>
> Thanks,
>
> -Ed

Sponsored Links