RE: [PHP] Escaping quotes for DB Entry

2006-05-26 Thread Ford, Mike
> From: Jochem Maas [mailto:[EMAIL PROTECTED] > Sent: Fri 26/05/2006 15:54 > > Brad Bonkoski wrote: > > All... > > A lot has been said recently about the dangers of the family of > > magic_quotes... > > I understand the dangers. > > The question is, for those of us using a database that does not

RE: [PHP] Escaping quotes for DB Entry

2006-05-26 Thread Ford, Mike
> From: Brad Bonkoski [mailto:[EMAIL PROTECTED] > Sent: Fri 26/05/2006 15:41 > > A lot has been said recently about the dangers of the family of > magic_quotes... > I understand the dangers. > The question is, for those of us using a database that does not have a > *real_escape_string function...O

Re: [PHP] Escaping quotes for DB Entry

2006-05-26 Thread Jochem Maas
Brad Bonkoski wrote: ... this adds single quotes automatically - addslashes (unless Im mistaken - wouldnt be the first time) would add slashes (and not single quotes) which is not what you want. Only done automatically IFF magic_quotes_gpc is ALSO on, which in my case it is off. excerp

Re: [PHP] Escaping quotes for DB Entry

2006-05-26 Thread Brad Bonkoski
Jochem Maas wrote: Brad Bonkoski wrote: Jochem Maas wrote: ... Understood what the esacpe character needs to be...the question is the best way to get it there? Currently I have: magic_quotes_sybase = On this adds single quotes automatically - addslashes (unless Im mistaken - wou

Re: [PHP] Escaping quotes for DB Entry

2006-05-26 Thread Jochem Maas
Brad Bonkoski wrote: Jochem Maas wrote: ... Understood what the esacpe character needs to be...the question is the best way to get it there? Currently I have: magic_quotes_sybase = On this adds single quotes automatically - addslashes (unless Im mistaken - wouldnt be the first time) w

Re: [PHP] Escaping quotes for DB Entry

2006-05-26 Thread Jochem Maas
Brad Bonkoski wrote: All... A lot has been said recently about the dangers of the family of magic_quotes... I understand the dangers. The question is, for those of us using a database that does not have a *real_escape_string function...Oracle for example. What is the *best* way to escape quot

Re: [PHP] Escaping quotes for DB Entry

2006-05-26 Thread Brad Bonkoski
Jochem Maas wrote: Brad Bonkoski wrote: All... A lot has been said recently about the dangers of the family of magic_quotes... I understand the dangers. The question is, for those of us using a database that does not have a *real_escape_string function...Oracle for example. What is the *

Re: [PHP] Escaping quotes for DB Entry

2006-05-26 Thread Jochem Maas
Brad Bonkoski wrote: All... A lot has been said recently about the dangers of the family of magic_quotes... I understand the dangers. The question is, for those of us using a database that does not have a *real_escape_string function...Oracle for example. What is the *best* way to escape quot