If you are for example saving the entire $_POST array in a text field of your DB, then just serailize() it or json_encode() it and run it through the appropriate real_escape_string() function if you're not using prepared statements or other custom escaping. On Thu, Nov 14, 2013 at 3:40 PM, Ramiro Barrantes < ramiro@xxxxxxxxxxxxxxxxxxxxx> wrote: > Hello, > > I would like to record, on a database, the global variables $_POST and > $_SERVER for each action that the user does that involves a modification of > the database. I am just saving, say $_POST or $_SERVER (and others), as a > string and putting it in a field on the database. > > However, when I try to get the info out of the database and access it as > an XML (using the DOMDocument library) it becomes a pain to handle due to > all the special characters (I think, as I haven't been able to get it to > work), for example: > > Mozilla/5.0 (X11; Linux x86_64; rv:16.0) Gecko/20100101 Firefox/16.0 > > (I seem to need to replace all the "/"s) > > It's a pain, and I would like not to have to replace special characters > with preg_replace if possible. > > Any suggestions? I have been having a lot of trouble with this. > > Thanks in advance, > > Ramiro > >
