Bruce Cowin wrote:
I am writing code to store a bunch of email files, in MIME format, into a
database. The body of some of these emails, but not all, are in HTML format.
If I use addslashes (after checking get_magic_quotes_gpc()), the database
record won't get saved. There's no error message, just no record saved. But
if I use htmlentities(), it saves the record no problem.
I would have thought that addslashes would have been enough to format the data
correctly. Why would I need to use htmlentities? And will using htmlentities
cause me any problems?
You shouldn't use either method.
htmlentities is completely changing your data (sure you can change it
back but you're still changing it from it's original state).
Use mysql_real_escape_string - it handles your quoting and escaping all
for you.
See http://www.php.net/mysql_real_escape_string
--
Postgresql & php tutorials
http://www.designmagick.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
