Richard Lynch wrote:
On Mon, May 22, 2006 11:37 am, Brad Bonkoski wrote:
http://www.php.net/manual/en/function.stripslashes.php
if you have to dump that information back to the users.
If you are using http://php.net/stripslashes on data coming out of
your database, you are DEFINITELY doing something wrong acquiring that
data.
Stripslashes is "correctly" used ONLY when:
1. You have Magic Quotes on, and
2. You need to display/use the incoming data for something other than
MySQL in the same script that does the INSERT
Even then, you really ought to turn off Magic Quotes and migrate to
http://php.net/mysql_real_escape_string
Thanks for your constructive criticism.... Sorry for the original bad
advice.
So, when the magic_quotes goes away in future version, with
stripslashes() also go away?
-Brad
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php