Shawn McKenzie wrote:
> tedd wrote:
>>> I think you want to look for magic_quotes_gpc
>>>
>>>
>>> --
>>> Thanks!
>>> -Shawn
>>
>> -Shawn:
>>
>> You were right.
>>
>> I'll fix it.
>>
>> Thanks,
>>
>> tedd
>
> I normally have a prep4display() and prep4store() type function that do
> all of the sens
tedd wrote:
>> I think you want to look for magic_quotes_gpc
>>
>>
>> --
>> Thanks!
>> -Shawn
>
>
> -Shawn:
>
> You were right.
>
> I'll fix it.
>
> Thanks,
>
> tedd
I normally have a prep4display() and prep4store() type function that do
all of the sensitization/prep for either storing or display
tedd wrote:
> At 9:12 PM -0700 4/9/09, Jim Lucas wrote:
>> tedd wrote:
>>> At 5:03 PM +0200 4/9/09, Jan G.B. wrote:
You might want to use htmlspecialchars($str, ENT_QUOTES)
>>>
>>> OUT from db to html
>>>
>>> and
>>>
mysql_real_escape_string(stripslashes($_POST['yourself']));
>>>
>>
At 9:12 PM -0700 4/9/09, Jim Lucas wrote:
tedd wrote:
At 5:03 PM +0200 4/9/09, Jan G.B. wrote:
You might want to use htmlspecialchars($str, ENT_QUOTES)
OUT from db to html
and
mysql_real_escape_string(stripslashes($_POST['yourself']));
The above tells me that you probably need to look
tedd wrote:
At 5:03 PM +0200 4/9/09, Jan G.B. wrote:
You might want to use htmlspecialchars($str, ENT_QUOTES)
OUT from db to html
and
mysql_real_escape_string(stripslashes($_POST['yourself']));
The above tells me that you probably need to look at your magic quotes setting.
Typically,
At 5:03 PM +0200 4/9/09, Jan G.B. wrote:
You might want to use htmlspecialchars($str, ENT_QUOTES)
OUT from db to html
and
mysql_real_escape_string(stripslashes($_POST['yourself']));
IN to db from html
Thanks, that worked.
Cheers,
tedd
--
---
http://sperling.com http://ancientst
6 matches
Mail list logo
