Jump to content

[SOLVED] stripslashes() vs mysql_real_escape_string()

alexweber15

By alexweber15
in MySQL Help

 Share

Recommended Posts

alexweber15 Member

alexweber15

Posted
Posted

im sorry admins, not sure if this is the appropriate board if not please move it.

 

basically, as far as cleaning data for mysql insertion, ive read that these 2 functions are important and also that you should undo magic_quotes_gpc() if its available and implement mysql_real_escape_string() instead.... so far so good! :)

 

but where does stripslashes() come into play?

 

thanks!

 

-Alex

Link to comment
Share on other sites
CroNiX Member

CroNiX

Posted
Posted

You use stripslashes if your test for magic_quotes_gpc() is true to undo the magic quotes.  Then use mysql_real_escape_string().

something like:

<?php
function escapeString($string, $dblink)
{
    if(get_magic_quotes_gpc() == 1)
    {
        $string=stripslashes($string);
    }
    return mysql_real_escape_string($string, $dblink);
}

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.