konk353535 Posted August 8, 2010 Share Posted August 8, 2010 Hello i have \ in the output of my forum i know why these \ are there to stop sql injection i just want to know how to get rid of them? str replace if so another error im having is that im updating the sig and with only one ' it gets 3x larger\ every time so i had around 30 \ multiplying by 3 each time i updated can anyone give me some help on the matter? Quote Link to comment Share on other sites More sharing options...
Danny696 Posted August 8, 2010 Share Posted August 8, 2010 use something like: stripslashes($ir['sig']); Quote Link to comment Share on other sites More sharing options...
Zero-Affect Posted August 8, 2010 Share Posted August 8, 2010 Did i not resolve that issue for you pal? Quote Link to comment Share on other sites More sharing options...
Djkanna Posted August 9, 2010 Share Posted August 9, 2010 In your queries that are using mres do something like; stripslashes(mysql_real_escape_string($_POST['var'])) Quote Link to comment Share on other sites More sharing options...
Dominion Posted August 9, 2010 Share Posted August 9, 2010 you could do as dj is saying but i would put it in a function so if magic_quotes is on or off will not effect how you run it not it will still need to be used like any function its not a "add and its magically secure" function :) function Clean($text) { if (get_magic_globals_gpc() == 1) { $text= stripslashes($text); } $text= mysql_real_escape_string($text); return $text; } Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.