Natefons Posted July 27, 2008 Share Posted July 27, 2008 well i wanted to do a simple "news management" and a task i wanted to come up was a way to be mysql safe from injections (using mysql_real_escape_string) the only problem with that is, some times it gets "good" characters as well. for example a simple <a href=URL> will be converted to a "mysql safe" string. what i need to find out is, how to do both. is it possible? Link to comment https://forums.phpfreaks.com/topic/116816-how-to-be-mysql-safe-and-display-html/ Share on other sites More sharing options...
toivo Posted July 27, 2008 Share Posted July 27, 2008 You only need to sanitize input fields. If you are planning to accept special characters like <a href= and so on, you should perhaps rethink the design of your system. Link to comment https://forums.phpfreaks.com/topic/116816-how-to-be-mysql-safe-and-display-html/#findComment-600712 Share on other sites More sharing options...
Natefons Posted July 27, 2008 Author Share Posted July 27, 2008 well, im just learning PHP...and perhaps this isn't the best task to undertake for a beginner. but how would this be done? Link to comment https://forums.phpfreaks.com/topic/116816-how-to-be-mysql-safe-and-display-html/#findComment-600865 Share on other sites More sharing options...
trq Posted July 27, 2008 Share Posted July 27, 2008 mysql_real_escape_string shouldn't have any affect on html. Link to comment https://forums.phpfreaks.com/topic/116816-how-to-be-mysql-safe-and-display-html/#findComment-600868 Share on other sites More sharing options...
unkwntech Posted July 27, 2008 Share Posted July 27, 2008 Why don't you provide some examples of what is not working correctly. Is <a href=URL> being printed as \<a href\=URL\> Link to comment https://forums.phpfreaks.com/topic/116816-how-to-be-mysql-safe-and-display-html/#findComment-600881 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.