On Sat, 18 May 2002, David Freeman wrote:
> As a general rule, though, you'll need to 'escape' anything that your
> database won't like - this is typically the ' and " chars. Addslashes()
> will do that for you. Anything else you want to do depends on what you
> need the data for.
>
> When you suck the data back out you'll obviously need to stripslashes()
> to get rid of the 'escape' chars you added above.
Nope, because the escape characters don't actually get added to the
database.
If you have a string:
Chief O'Brien
and you want to pass it into a database whose command interpreter uses
single quotes (') as string delimeters, then you need to tell it that the
' after O is not the end of the string. So you use addslashes() to preface
it with a backslash (\). This results in the following string:
Chief O\'Brien
When the database's command interpreter sees it, it removes the escape
character (\) before inserting the string into the database. So it's back
to its original form then. When you retrieve it, you'll just get:
Chief O'Brien
miguel
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
