Jason Wong 2004-09-27, 3:57 pm

On Tuesday 28 September 2004 02:49, Ed Lazor wrote:
> I'm using PHP to retrieve user input and store it in MySQL. PHP's
> addslashes function is used on data going into the database

Use the more specific mysql_escape_string() (or friend) instead.

> and PHP's
> stripslashes function is being used on data coming from the database.

You're not supposed to use stripslashes() on data coming from the database --
read up on addslashes() and also search the manual for magic quotes.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-db
------------------------------------------
/*
The best way to hold a man is in your arms
-- Murphy's Laws on Sex n18
*/
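
Added example, not part of Jason Wong's message: a database-free PHP sketch of the round trip discussed above. It shows that a value escaped once is stored intact, that stripslashes() on read then corrupts values containing real backslashes, and that escaping twice (as with magic quotes plus addslashes()) is what leaves stray backslashes in the column. The helpers `sql_literal_value()` and `stored_value()` and the sample inputs are constructed for illustration, and the parser model assumes MySQL's default backslash-escape handling.

```php
<?php
// Added example; not code from the thread. Runs without a database.

// Hypothetical helper: decode the backslash escapes of a quoted SQL string
// literal the way the MySQL parser does before the value is stored
// (assumes the NO_BACKSLASH_ESCAPES SQL mode is not enabled).
function sql_literal_value(string $literal): string
{
    $map = ['0' => "\0", 'n' => "\n", 'r' => "\r", 't' => "\t",
            'b' => "\x08", 'Z' => "\x1a", '%' => '\\%', '_' => '\\_'];
    $out = '';
    for ($i = 0, $n = strlen($literal); $i < $n; $i++) {
        if ($literal[$i] === '\\' && $i + 1 < $n) {
            $next = $literal[++$i];
            $out .= $map[$next] ?? $next;   // \' -> '   \\ -> \   \n -> newline
        } else {
            $out .= $literal[$i];
        }
    }
    return $out;
}

// Hypothetical helper: what the column holds after an INSERT built from $input.
// $magicQuotes simulates magic_quotes_gpc, which ran addslashes() on request
// data before the script saw it (the setting is gone from current PHP).
function stored_value(string $input, bool $magicQuotes): string
{
    $received = $magicQuotes ? addslashes($input) : $input;
    $literal  = addslashes($received);      // the script's own escaping
    return sql_literal_value($literal);
}

// Constructed sample inputs: a quote, and two values with real backslashes.
$samples = ["O'Reilly", 'C:\\new\\table.txt', '\\d+ items'];

foreach ($samples as $input) {
    $once  = stored_value($input, false);
    $twice = stored_value($input, true);
    $read  = stripslashes($once);           // the extra step from the question
    printf("input:                 %s\n", $input);
    printf("stored, escaped once:  %s (%s)\n", $once, $once === $input ? 'intact' : 'changed');
    printf("  stripslashes on read: %s (%s)\n", $read, $read === $input ? 'intact' : 'corrupted');
    printf("stored, escaped twice: %s (%s)\n\n", $twice, $twice === $input ? 'intact' : 'changed');
}
```

The escape backslashes are consumed when the server parses the statement, so nothing is left to strip on the way out; the fix for stray backslashes is to stop the double escaping on the way in.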