Hello Dimitri, Wednesday, January 7, 2004, 4:06:25 AM, you wrote:
DM> I had it perfect so that when someone uploaded a picture in a form, it DM> uploaded to my server and saved the image name etc. in the database. The DM> problem is, what if someone tries saving a picture with an apostraphe ie ( DM> ' ) or ( " )? I know this isn't a usual format, and I tried htmlsecialchars DM> ENT_QUOTES but it still saves the picture name onto the server like such: DM> photo\'.jpg. Strip them out (use the stripslashes() function) before saving to SQL. -- Best regards, Richard mailto:[EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php