Jason, can you explain why stripslashes should not be used on data taken from the db? when you store data in the db i thought it was good practice to addslashes, when you retrieve from the db, you will need to use stripslashes to remove the extra \
The slashes are added for the database, not to be stored with the data.
for e.g. - to store: "I've just eaten."
you do: "INSERT INTO status (hunger) values ('I\'ve just eaten.');"which stores: "I've just eaten."
It's not good practice - it's required (if you're not using a mechanism that already handles this - such as the latest mysqli bind functions) - otherwise the query is invalid.
You may be thinking of running 'htmlentities' when retrieving data - which is necessary in some cases, depending on where you're using it (most notably - in html where you don't want html output).
Cheers,
--
- Martin Norland, Database / Web Developer, International Outreach x3257
The opinion(s) contained within this email do not necessarily represent those of St. Jude Children's Research Hospital.
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
