> Ok then, I want to know how to do it the right way but just using > $_POST['text'], as stated before, in my query still cuts off the text at > the quote. > > While passing this field between pages I don't do anything to it but when > I want to show it to the user I would use stripslashes($_POST['text']). Is > this the correct way to make sure my quotes get passed into the database?
First I would turn off magic_quotes_gpc. I would use sessions to pass the data from step 1 to the end, much easier imho than messing around with hidden fields. When you store the data in the database use make sure you escape it, when you redisplay it, use the htmlentities function. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
