Dat Posted July 12, 2008 Share Posted July 12, 2008 Hey I have this form and I run it through a secure function: function isSecure($string) { $string = strip_tags($string); $string = htmlspecialchars($string); $string = trim($string); $string = stripslashes($string); $string = mysql_real_escape_string($string); return $string; } But I can't figure out why this happens when I submit something like this into my profile edit form: now it works here @#$%^&*() Why does this\' happen but this doesn\'t: "HERE" As you can see it add's slashes to the ' but not to the ". I want to remove those \. Link to comment https://forums.phpfreaks.com/topic/114448-secure-function-mysql_real_escape_string/ Share on other sites More sharing options...
JasonLewis Posted July 13, 2008 Share Posted July 13, 2008 Well your calling mysql_real_escape_string which will add slashes to and apostrophes. Removing the mysql_real_escape_string should do the trick. Link to comment https://forums.phpfreaks.com/topic/114448-secure-function-mysql_real_escape_string/#findComment-588703 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.