Re: storing single and double quote in MySQL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





Richard Lynch wrote:

On Mon, May 22, 2006 11:37 am, Brad Bonkoski wrote:
http://www.php.net/manual/en/function.stripslashes.php
if you have to dump that information back to the users.

If you are using http://php.net/stripslashes on data coming out of
your database, you are DEFINITELY doing something wrong acquiring that
data.

Stripslashes is "correctly" used ONLY when:
1. You have Magic Quotes on, and
2. You need to display/use the incoming data for something other than
MySQL in the same script that does the INSERT


Even then, you really ought to turn off Magic Quotes and migrate to
http://php.net/mysql_real_escape_string

Thanks for your constructive criticism.... Sorry for the original bad advice.

So, when the magic_quotes goes away in future version, with stripslashes() also go away?

-Brad

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux