rubing Posted March 25, 2008 Share Posted March 25, 2008 I am writing a simple php autoresponder (email) script, which reads in email using fread(). #!/usr/bin/php -q <?php $fd = fopen("php://stdin", "r"); $email = ""; while (!feof($fd)) { $email .= fread($fd, 1024); } fclose($fd); I want to know if php can handle the use of quotation marks ' or " when assigned to a variable? Does it automatically escape these and other bad characters (eg ; ) ??? Link to comment https://forums.phpfreaks.com/topic/97794-fread-and-quotes/ Share on other sites More sharing options...
puritania Posted March 25, 2008 Share Posted March 25, 2008 Yes. It automatically escapes it when saving content into variables. Link to comment https://forums.phpfreaks.com/topic/97794-fread-and-quotes/#findComment-500472 Share on other sites More sharing options...
rubing Posted March 26, 2008 Author Share Posted March 26, 2008 Yes, I figured it must've been doing that, but was confused b/c i still needed to escape these characters before inserting into mysql. I guess php automatically strips the slashes too! Link to comment https://forums.phpfreaks.com/topic/97794-fread-and-quotes/#findComment-501211 Share on other sites More sharing options...
puritania Posted March 26, 2008 Share Posted March 26, 2008 You didn't say anything about writing into mysql. To write a string properly in a database you have to do the following: $str = 'This is " a test with \' Quotes'; mysql_query("INSERT INTO `table` SET `column` = '" . mysql_real_escape_string($str) . "'"); Link to comment https://forums.phpfreaks.com/topic/97794-fread-and-quotes/#findComment-501226 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.