Hey, Am really starting to like your emails on this list, its different to say the least!
> > mysql_escape_string does look interesting but > thats > > again putting the strain in the script which I am > > wtf? that is just plain silly. Why is it plain silly? if the text to be entered is a large html page with a lot of class="value" and font color="red" class="blah" etc it can mean a lot of escaping/processing > btw if you read the following manual page: > > http://php.net/mysql_escape_string > > it will tell you that that func is depreciated - and > that there is > a better alternative: mysql_real_escape_string() Yes, I did visit see that. > > trying to avoid, may have to do it in the end > though. > > > >> .... I guess you have wait till some DW guru in > this > > mailing list. > > changing " to ' in any given input and/or making > that a requirement of > your input routine is a brittle 'solution' - in > short it sucks. > what happens when freak/code/user X tries stuffing > in a " regardless of > what you have preached/documented/'hoped no-one > would do'? No, I *WILL* have a check before inserting to the DB as a "just in case" solution but basicially this is just for the company's designers and if I can get their DWs to output single quotes instead of double..... We have 3 designers, they will be putting in the entire "content table" (the table that contains all the content for that page) into the db by copying from DW then pasting the "raw code" into the text area that I am giving them...then I take that code and enter it into the DB. Nobody other than them will be entering data into the system, the outside world will just see the tutorials. > > > >> Good luck. > > > > Yep, am waiting here and from some forums, > hopefully > > someone will give me a break on this. > > which limb? and why the masochism? :-) > > Thanks for the well wishes. > > > > as opposed to wishing wells. :) Cheers, Ryan ------ - The faulty interface lies between the chair and the keyboard. - Creativity is great, but plagiarism is faster! - Smile, everyone loves a moron. :-) __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
