vividona
11-30-2008, 12:45 PM
hi friends,
please check my poor script
http://bhl.43i.net
admin account: aaa
admin pass : aaa
if you open any article like:
http://bhl.43i.net/index.php?Artid=16
if I put the sign of single quote ( ' ) after the article number in browse it give this message
http://bhl.43i.net/index.php?Artid=16'
note: I am using this code
I used addslashes() when I insert the text in database
and stripslashes() when I select the text from database
is that correct?
public function ClnArtiSub(){
if( ! get_magic_quotes_gpc() ){
return addslashes(htmlspecialchars( $this->ArtiSub ));
}
}
public function StripArtiSub() {
if( ! get_magic_quotes_gpc() ) {
return stripslashes(htmlspecialchars( $this->ArtiSub ));
}
}
public function ClnArtiBod(){
if( ! get_magic_quotes_gpc() ){
return addslashes(htmlspecialchars( $this->ArtiBod ));
}
}
public function StripArtiBod() {
if( ! get_magic_quotes_gpc() ) {
return stripslashes(htmlspecialchars( $this->ArtiBod ));
}
}
please check my poor script
http://bhl.43i.net
admin account: aaa
admin pass : aaa
if you open any article like:
http://bhl.43i.net/index.php?Artid=16
if I put the sign of single quote ( ' ) after the article number in browse it give this message
http://bhl.43i.net/index.php?Artid=16'
note: I am using this code
I used addslashes() when I insert the text in database
and stripslashes() when I select the text from database
is that correct?
public function ClnArtiSub(){
if( ! get_magic_quotes_gpc() ){
return addslashes(htmlspecialchars( $this->ArtiSub ));
}
}
public function StripArtiSub() {
if( ! get_magic_quotes_gpc() ) {
return stripslashes(htmlspecialchars( $this->ArtiSub ));
}
}
public function ClnArtiBod(){
if( ! get_magic_quotes_gpc() ){
return addslashes(htmlspecialchars( $this->ArtiBod ));
}
}
public function StripArtiBod() {
if( ! get_magic_quotes_gpc() ) {
return stripslashes(htmlspecialchars( $this->ArtiBod ));
}
}