Re: [PHP-DB] addslashes()

Fri, 08 Feb 2002 07:23:34 -0800 

It shouldn't. It will affect any " or ' coming out.
For example, for going in to db:

$mystring = "Hi there Mr O'Neil.";
$mystring = addslashes($mystring);

echo $mystring; would result in  "Hi there Mr O\'Neil."

When coming out of db make sure you use the stripslashes function to return
the original value that was created upon entry

$mystring = stripslashes($mystring); would result back to "Hi there Mr
O'Neil."

HTH Joe :)


"Todd Williamsen" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> So if I:
> Going in
> $Notes =  addslashes($Notes);
>
> Going Out:
> $Notes = stripslashes($Notes);
>
> wouldn't that kill the html? or no?
> "Joe Van Meer" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Hi. addslashes() going in to db, stripslashes() coming out :)
> >  HTH Joe :)
> >
> >
> > Todd Williamsen <[EMAIL PROTECTED]> wrote in message
> > 002601c1b033$382a4700$f6b2d83f@goofy1">news:002601c1b033$382a4700$f6b2d83f@goofy1...
> > > Paul,
> > >
> > > It is being inserted into a database
> > >
> > > -----Original Message-----
> > > From: Paul DuBois [mailto:[EMAIL PROTECTED]]
> > > Sent: Thursday, February 07, 2002 5:41 PM
> > > To: Todd Williamsen; [EMAIL PROTECTED]
> > > Subject: Re: [PHP-DB] addslashes()
> > >
> > >
> > > At 16:54 -0600 2/7/02, Todd Williamsen wrote:
> > > >Ok..
> > > >
> > > >i tried it out... and it almost works like I want it... weird though
> > > >
> > > >1. when I put in <p><font color="blue">this is BLUE</p></font>
> > > >
> > > >it prints it in like a bright green.  but if i use the RGB # then its
> > > fine.
> > > >weird....
> > > >
> > > >2.  if there is an apostrophe in the notes, then it will add slashes
it
> > > to
> > > >that as well
> > > >
> > > >so if I type blah blah blah I am going over to my friend's website
> > > later on
> > > >and here is the address...
> > > >
> > > ><a href="http://friends.com>Friends</a>
> > > >
> > > >it will look like
> > > >
> > > >friend\\\'s
> > > >
> > > >Friends(link)
> > >
> > > addslashes() is for escaping values that you're going to insert into a
> > > database.
> > >
> > > If you're generating HTML, use htmlspecialchars() instead.
> > >
> > >
> >
> >
>
>



-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to