Zero-Affect Posted November 4, 2009 Posted November 4, 2009 also htmlentities() may help you can use stripslashes() and addslashes() to add slashes for a database entery then remove on the visual side when brought from database Quote
a_bertrand Posted November 5, 2009 Posted November 5, 2009 Haunted Dawg: Yep sorry should be "stripslashes" and not "stripslash"... my mistake :rolleyes:. For the mysql_escape_string, it will be still valid up to PHP 6.0 but you are right you should use mysql_real_escape_string if possible instead. And... again I simply typed something out of memory without checking right as it cannot be mysql_real_escape (as Zerro-Affect pointed out) but mysql_real_escape_string. Sorry for those oddies. Zero-Affect: Personally I don't care how Nyna was handling the job before me. People here are either new in the field, or too lazy to check back, so pointing out EXACTLY what's wrong is the way I choose to help. Of course if I can point out to some past thread or some articles from complex things I will do it. Still, I believe that a clear answer is better than simply "hey it is not safe". Also, a simple stripslashes and then addslashes is not the same as using mysql_real_escape_string, also, addslashes may work only on some databases and not on others and doesn't seems to cover all the issues even for MySQL: quoted from the PHP mysql_real_escape_string manual "This function must always (with few exceptions) be used to make data safe before sending a query to MySQL. " Quote
Zero-Affect Posted November 5, 2009 Posted November 5, 2009 I pointed out earlier MRES will not work well with stripslashes (pointed out by kyle) so either way you put it your code would work (never said it was secure but it works as a alternative to your version above it). Regards ZA Quote
fuzzyDCR Posted March 18, 2011 Posted March 18, 2011 So i was directed to this and told to give it a try....This is what I am getting now... Parse error: syntax error, unexpected T_VARIABLE, expecting ',' or ';' in /home/wereatw1/public_html/account.php on line 44 and here is the code that I am trying to put in....any help? You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.