mat3000000 Posted September 3, 2011 Share Posted September 3, 2011 Hi, I have a website where users can log on and edit their profile pic, name, biography etc. I was wondering about the correct way to:- Add data to the database through forms (Register.php) Display the data on a page Using mysql escape sting, however, the way I am currently using will display a '\' before any ' symbol. So it's >> it\'s ... Here is a snippet of the code I am using... //insert data $about1 = mysql_real_escape_string($_POST['about']); //get $query = mysql_query("SELECT * FROM `staff` WHERE username='$username'"); $row = mysql_fetch_array($query); $about = $row['about']; echo $about; Quote Link to comment https://forums.phpfreaks.com/topic/246373-mysql-database-insert-validation-and-displaying-info/ Share on other sites More sharing options...
Pikachu2000 Posted September 3, 2011 Share Posted September 3, 2011 If you're getting the escaping backslashes displayed, you probably have magic_quotes_gpc() = On in your php.ini file, causing the data to be double-escaped. Quote Link to comment https://forums.phpfreaks.com/topic/246373-mysql-database-insert-validation-and-displaying-info/#findComment-1265178 Share on other sites More sharing options...
mikesta707 Posted September 3, 2011 Share Posted September 3, 2011 The easiest solution would be to simply remove the slashes using PHP's stripslashes() function. However, as Pikachu pointed out, the problem most likely stems from a setting in your php.ini. It would be best if you turned this setting off, to avoid this problem in the future. Unfortunately, the text in your database already will be unaffected by this change. Is your server in development or production? Quote Link to comment https://forums.phpfreaks.com/topic/246373-mysql-database-insert-validation-and-displaying-info/#findComment-1265186 Share on other sites More sharing options...
Psycho Posted September 3, 2011 Share Posted September 3, 2011 Unfortunately, the text in your database already will be unaffected by this change. Is your server in development or production? I think mikesta707 misspoke. he meant to say that the content already stored in your database IS already affected. Quote Link to comment https://forums.phpfreaks.com/topic/246373-mysql-database-insert-validation-and-displaying-info/#findComment-1265194 Share on other sites More sharing options...
Pikachu2000 Posted September 3, 2011 Share Posted September 3, 2011 I'm thinking what he was getting at was that turning off magic_quotes won't remove any backslashes in the existing data. You'd need to run an UPDATE query to take care of it. Quote Link to comment https://forums.phpfreaks.com/topic/246373-mysql-database-insert-validation-and-displaying-info/#findComment-1265202 Share on other sites More sharing options...
mikesta707 Posted September 3, 2011 Share Posted September 3, 2011 I'm thinking what he was getting at was that turning off magic_quotes won't remove any backslashes in the existing data. You'd need to run an UPDATE query to take care of it. yes this is what I meant. Thank you for clarifying. Quote Link to comment https://forums.phpfreaks.com/topic/246373-mysql-database-insert-validation-and-displaying-info/#findComment-1265204 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.