Hello Dimitri,

Wednesday, January 7, 2004, 4:06:25 AM, you wrote:

DM> I had it perfect so that when someone uploaded a picture in a form, it
DM> uploaded to my server and saved the image name etc. in the database. The
DM> problem is, what if someone tries saving a picture with an apostraphe ie (
DM> ' ) or ( " )? I know this isn't a usual format, and I tried htmlsecialchars
DM> ENT_QUOTES but it still saves the picture name onto the server like such:
DM> photo\'.jpg.

Strip them out (use the stripslashes() function) before saving to SQL.

-- 
Best regards,
 Richard                            mailto:[EMAIL PROTECTED]

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to