> If the "\" are showing up in form posted data just do this: > > $newtext = stripslashes($oldtext);
That's what I'm doing now before they're written to the file. > The slashes are put before any single or double quote by a > nifty little php feature called "magic quotes". By escaping > quotes in form posted data you greatly reduce the risk of > sql injections and other types of sneaky stuff. Right. And what I was also trying to do was keep users from posting characters that would mess up the data being written to the page. It's for a limited audience, but you never know who's going to stumble onto it. Thanks for that. It certainly looks like nuking them preemptively is the way to go. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
