graham23s Posted May 26, 2008 Share Posted May 26, 2008 Hi Guys, i was wondering if anyone could tell me the best way to do this, i am doing a very basic blog, and when the user types in the blog post, the data is stripped of any problemtic ' or " and displays each break on a new line. any advice/help would be great cheers Graham Link to comment https://forums.phpfreaks.com/topic/107338-escaping-data-prior-to-mysql/ Share on other sites More sharing options...
unidox Posted May 26, 2008 Share Posted May 26, 2008 http://templora.com/content/14 just do a google search. Link to comment https://forums.phpfreaks.com/topic/107338-escaping-data-prior-to-mysql/#findComment-550338 Share on other sites More sharing options...
ILYAS415 Posted May 26, 2008 Share Posted May 26, 2008 Okay theres 2 things you can do.... 1). Convert the characters into friendly characters like in Pokemon ??? $string= htmlentities($_POST['nameofinputortextarea']); 2). Use this... $string= str_replace("\"", "", $_POST['something']); $string= stripslashes($string); //then repeat for ' character I would recommend the first one as its shorter and easier and hassle free. Link to comment https://forums.phpfreaks.com/topic/107338-escaping-data-prior-to-mysql/#findComment-550340 Share on other sites More sharing options...
rarebit Posted May 26, 2008 Share Posted May 26, 2008 For the breaks, do you mean like this? http://uk3.php.net/manual/en/function.nl2br.php Link to comment https://forums.phpfreaks.com/topic/107338-escaping-data-prior-to-mysql/#findComment-550342 Share on other sites More sharing options...
graham23s Posted May 26, 2008 Author Share Posted May 26, 2008 Hi Guys, yeah i originally used: $string_to_clean = clean_junk($_POST['nameofinput'], 1); function: function clean_junk($string, $nlbr = false) { if (get_magic_quotes_gpc()) { $string = stripslashes($string); } if ($nlbr) { $string = nl2br($string); } return mysql_real_escape_string($string); } just curious as to whether there was an easier way to code it, this works mind you but always looking for new ways of doing things cheers Graham Link to comment https://forums.phpfreaks.com/topic/107338-escaping-data-prior-to-mysql/#findComment-550343 Share on other sites More sharing options...
rarebit Posted May 26, 2008 Share Posted May 26, 2008 Other than htmlentities() at certain times, then yeah, looks good to me... Link to comment https://forums.phpfreaks.com/topic/107338-escaping-data-prior-to-mysql/#findComment-550346 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.