QuizToon Posted June 7, 2010 Share Posted June 7, 2010 Hi all I am having a bit of a problem understanding addslashes and n2lbr and where and when to use them. I have, after much toing and froing, managed to create a small news script which displays news in the form od a newsletter on the website. I have also done the admin system to allow me to upload news articles, edit current ones and delete old ones. What I have noticed is that there seems to twice as many line breaks as there needs to be. EG i input the text with 2 line breaks and the system uploads it and adds another one in, if I edit the article the same thing happens. I am guessing I have done something wrong with either of 2 functions mentioned. Please can someone just explain in real simple terms when and where I should use them, if indeed that is my problem. Many Thanks Quote Link to comment Share on other sites More sharing options...
mrMarcus Posted June 7, 2010 Share Posted June 7, 2010 first off, read the manual for each entry: nl2br, and addslashes as you will find all the info you need regarding these functions, respectively. addslashes() is used to escape characters that would otherwise break a query, output to a page, and so on. Most commonly used for escaping quotes when dealing with a database query. For example, if you were inserting someone's name into the db where the name had an apostrophe: O'Brien, if you ran addslashes() against that, the result would be O\'Brien, and would now be safe* to put through a query. Now, to draw that out of the db, you must run stripslashes against it to remove the escaping \ and to preserve the name. mysql_real_escape_string is a preferred method of query character escaping as it is runtime and does not store the value being escaped with a backslashes, thus making the need for stripslashes() redundant. Much more efficient. nl2br is used to generate <br /> tags from newline \n characters, usually from data in a database which was originated from a textarea field in a form when a user hits the enter key. Hitting the enter key generates the \n in a behind-the-scenes fashion. And to preserve those newline breaks when displaying that data on a page, use nl2br(). Understand? Check the manual(s). *safe is such a risky term as you are never really safe. But it's a start. Quote Link to comment Share on other sites More sharing options...
GoneNowBye Posted June 7, 2010 Share Posted June 7, 2010 addslashes maeks stuff display, so it puts a \ before a ' which can prevent SQL inserts (correct me if i am wrong PLEASE) nl2br turns new lines \n to <BR \>'s so you can turn a ... input from a text area to <BR> formats Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.