CSS Codes
CSS Layouts
Results 1 to 2 of 2

Thread: What's the deal with addslashes()?

  1. 03-23-2006, 09:19 AM #1
    djr33's Avatar
    djr33
    djr33 is offline Global Moderator
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,164
    Thanks
    265
    Thanked 690 Times in 678 Posts

    Default What's the deal with addslashes()?

    I'm working with a database and input from a text field that I want to be html compatible... so... sure, it cause problems with the mysql syntax when the input is transfered to a variable then to the mysql command within quotes if there are quotes in the input.
    In short... I figured out that addslashes() works because it makes the quotes characters, not commands, kinda.

    My real question is why.

    I understand that you're trying to 'escape'... but... does mysql automatically convert to something like what stripslashes() would do in php?

    Pretty simple question, but feel free to go into a bit more detai if you want. A simple answer is fine, though.

    thanks.
    Reply With Quote Reply With Quote
  2. 03-23-2006, 09:57 AM #2
    Twey's Avatar
    Twey
    Twey is offline Modtoreador
    Join Date
    Jun 2005
    Location
    英国
    Posts
    11,876
    Thanks
    1
    Thanked 180 Times in 172 Posts
    Blog Entries
    2

    Default

    It basically adds backslashes before any quotes. You would be better advised to use mysql_real_escape_string().
    Twey | I understand English | 日本語が分かります | mi jimpe fi le jbobau | mi esperanton komprenas | je comprends français | entiendo español | tôi ít hiểu tiếng Việt | ich verstehe ein bisschen Deutsch | beware XHTML | common coding mistakes | tutorials | various stuff | argh PHP!
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules