[nycphp-talk] Another Apostrophe-related issue
Ken Robinson
kenrbnsn at rbnsn.com
Tue Jan 8 23:06:12 EST 2008
At 10:42 PM 1/8/2008, Kristina Anderson wrote:
>I'm having yet another apostrophe-related issue. It seems that the
>slashes are being added automatically by the HTML form and inserted
>into the database on save. Magic quotes is on (get_magic_quotes_gpc
>(); returns 1) and I have removed any addslashes() functions from my
>code.
>
>The slashes seem to be spawning, i.e. the first round after
>entering 's and saving, I get back /'s in the text box, the next
>round ///'s, etc.
>
>Soon enough I have a text box full of ////////////////////////////////
You should be using
$var = mysql_real_escape_string(stripslashes($var));
before adding to your database.
After you retrieve the value, use
$var = htmlentities(stripslashes($var),ENT_QUOTES);
when displaying the value back to the screen.
Ken
More information about the talk
mailing list