textarea into database

mga_ka_php · August 11, 2010

i have a textarea and the content is description. how do i save this to database, because sometimes it has ' and " so it fails when i insert it into database, what should i use addslashes?

linus72982 · August 11, 2010

mysql_real_escape_string($CONTENT, $CONNECTION);

Actually, I'm not positive that will escape ANDs, but you should use that on all input anyway.

mga_ka_php · August 11, 2010

so mysql_real_escape_string removes the quotes?

linus72982 · August 11, 2010

From php.net:

mysql_real_escape_string — Escapes special characters in a string for use in an SQL statement

Yep, it escapes the quotes. PHP.net recommends you use this in place of addslashes() if possible.

mga_ka_php · August 11, 2010

ok thanks

Festy · August 11, 2010

Although you can also use addslashes and stripslashes, using 'mysql_real_escape_string' would also help you prevent any sql injection attempts.

xcoderx · August 11, 2010

this function could be handy

function clean($str) {
	$str = @trim($str);
	if(get_magic_quotes_gpc()) {
		$str = stripslashes($str);
	}
	return mysql_real_escape_string($str);
}

Sign In

textarea into database

Recommended Posts

mga_ka_php

Link to comment

Share on other sites

linus72982

Link to comment

Share on other sites

mga_ka_php

Link to comment

Share on other sites

linus72982

Link to comment

Share on other sites

mga_ka_php

Link to comment

Share on other sites

Festy

Link to comment

Share on other sites

xcoderx

Link to comment

Share on other sites

Join the conversation

Browse

Activity

Important Information