I would suggest you rather do the following ( over and above the htmlentities as already suggested )
In stead of doing echo " <html with single='quotes'>"; to rather echo '<html with double="quotes">'; The reason is; there is a difference between echo 'stuff' ; and echo "stuff"; The first (single quotes) is treated as literal content, ie, PHP justs echo's, does no parsing, while the double-quotes means PHP will look at the content between the quotes and parse any variables etc. So, if you are not echoing anything that needs to be parsed, use single quotes. eg. <?php $var = 'testing'; echo '$var<br>'; echo "$var<br>"; ?> produses: $var testing It just saves on overhead, and in your case, you would not have run into this problem... Mark Colvin wrote: >John, > >Thank you for your reply. My magic_quotes_runtime is set to 'Off'. As you >said, I shouldn't have to use StripSlashes but would I still need to use >AddSlashes when inserting/updating? I can see the slashes in the database >when I look at the tables but I am fairly sure that I do not add slashes >twice? Are they being added automatically somewhere as a result of a setting >in the php.ini file? >With regards to my use of mysql_result as opposed to mysql_fetch_* >functions, I was ignorant of the performance hit and I will now re think >around my database code. > > > >**************************************************** >This e-mail is intended for the recipient only and >may contain confidential information. If you are >not the intended recipient then you should reply >to the sender and take no further ation based >upon the content of the message. >Internet e-mails are not necessarily secure and >CCM Limited does not accept any responsibility >for changes made to this message. >Although checks have been made to ensure this >message and any attchments are free from viruses >the recipient should ensure that this is the case. >**************************************************** > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
