Jump to content

stripslashes

jeff5656

By jeff5656
in PHP Coding Help

 Share

Recommended Posts

jeff5656 Advanced Member

jeff5656

Posted
Posted

I tried to insert this variable into a database:

stripslashes($del_array['t3'])

 

When that variable contains a ' character (don't or O'Grady, etc) then I get the syntax error.  If I don't have a ' then it inserts correctly.  I thought wrapping the variable in stripslashes was supposed to escape the ' sign?

Link to comment
Share on other sites
gizmola Prolific Member

gizmola

Posted
Posted

Also, stripslashes would be the opposite of what you want.  When you add data to a database, you typically would addslashes.  When you pull the data back out for display, then you stripslashes.  This could also be affected by magic quotes which you would want to determine whether or not it is configured (although hopefully not) and depends on the type of software you're writing (is this generic, or something only you will use, and can safely ignore the magic quotes issue).  Depending on the database, there are specific functions to use in lieu of addslashes.

Link to comment
Share on other sites
jeff5656 Advanced Member

jeff5656

Posted
  • Author
Posted

Thanks to everyone.  Yes I think I need to use addslashes. 

The variable comes from another table that I had inserted using mysql_real_escape_string().  Now I am taking that record and inserting it into table 2, so I need to use addslashed to get it in there.  Actually sicne I originally put it in with mysql_real_escape_string(), couldn't I use that instead of addslashes?

Link to comment
Share on other sites
AyKay47 Member

AyKay47

Posted
Posted

Thanks to everyone.  Yes I think I need to use addslashes. 

The variable comes from another table that I had inserted using mysql_real_escape_string().  Now I am taking that record and inserting it into table 2, so I need to use addslashed to get it in there.  Actually sicne I originally put it in with mysql_real_escape_string(), couldn't I use that instead of addslashes?

mysql_real_escape string is a bit smarter then addslashes in that it takes into account the charset of the db server, and escapes a few bitwise characters as well...

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.