Jump to content

Archived

This topic is now archived and is closed to further replies.

lpxxfaintxx

Addslashes and Strip_tags not working

Recommended Posts

[code]
<?php
require_once "maincore.php";
require_once "subheader.php";
require_once "side_left.php";
opentable('Edit Images');
$saveid = $_GET['save'];
$newname = addslashes(strip_tags($_POST['imagename']));
$newstatus = addslashes(strip_tags($_POST['status']));
$newdescription = addslashes(strip_tags($_POST['imagedescription']));
$id = addslashes(strip_tags($_POST['editid2']));
$owner = $userdata['user_name'];
    switch ($saveid):
case 1:
$sql = "UPDATE registered_files SET status='$newstatus' WHERE id=$id AND owner = '$owner'";
      $result = mysql_query($sql);
      echo "<center>Thank you! Image status updated. <br /> Image id: $id
<br />Click <a href='memberseditimages.php'>here to go back.</a>
      </center>";
   break;
case 2:
$sql = "UPDATE registered_files SET imagename='$newname' WHERE id=$id AND owner = '$owner'";

      $result = mysql_query($sql);
      echo "<center>Thank you! Image name updated. <br /> Image id: $id
<br />Click <a href='memberseditimages.php'>here to go back.</a>
      </center>";
   break;
case 3:
$sql = "UPDATE registered_files SET description='$newdescription' WHERE id=$id AND owner = '$owner'";

      $result = mysql_query($sql);
      echo "<center>Thank you! Description updated. <br /> Image id: $id
<br />Click <a href='memberseditimages.php'>here to go back.</a>
      </center>";
   break;
default:
   echo "Please edit the information you wish to save.";
endswitch;
require_once "side_right.php";
require_once "footer.php";
?>[/code]

Whenever I edit a row and insert html, the html works.. isn't it supposed to prevent that from happening?

Regards,
AIMMultimedia.com

Share this post


Link to post
Share on other sites
Try the htmlspecialchars function

[a href=\"http://us2.php.net/htmlspecialchars\" target=\"_blank\"]http://us2.php.net/htmlspecialchars[/a]

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.