look into because I think the \' might not work on DBs
that use ''.
-TG
> -Original Message-
> From: John Holmes [mailto:[EMAIL PROTECTED]
> Sent: Monday, October 18, 2004 8:59 PM
> To: Jerry Swanson
> Cc: Christian Jul Jensen; [EMAIL PROTECTED]
> Subjec
Jerry Swanson wrote:
I'm not sure that stripslashes() are used for input.
If you want to redisplay the input, then it would be used.
addslashes() - to insert data into database
stripslashes() - to get data from database and print it.
You don't need stripslashes when pulling data unless you have
m
I'm not sure that stripslashes() are used for input.
addslashes() - to insert data into database
stripslashes() - to get data from database and print it.
On 14 Oct 2004 11:19:14 +0200, Christian Jul Jensen <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] (Ben) writes:
>
> > Any ideas on dealin
[EMAIL PROTECTED] (Ben) writes:
> Any ideas on dealing with this would be greatly appreciated.
Disable magic_quotes, and handle all escaping of characters yourself,
I would absolutely prefer that. But beware of sql-injection.
Leave magic_quotes on, and use stripslashes() on your input.
--
Chris
4 matches
Mail list logo
