Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- strings, escape and html forms...
February 16, 2005, 5:53 pm
rate this thread
I use PHP to handle some data entry and editing through html form's,
all very simple/standard stuff.
Fot the moment, I then store all my data in a file (using var_export),
but I will switch this over to MySQL at some point soon.
At least while I'm using my file storage at present, when a character
in a string needs to be escaped (eg. single quote, becomes \'), I find
that the backslash character keeps getting re-escaped every time the
string is edited, through a re-entry of the form.
So it then become \\', etc...
What is the best way to stop this recursion ?
- Jan Pieter Kunst
February 17, 2005, 4:22 pm
Re: strings, escape and html forms...
Generally, you only need to use stripslashes() before displaying data in
a text field if magic_quotes_gpc is ON.
if magic_quotes_gcp if OFF: use addslashes() or similar when saving into
the database, don't use stripslashes() when displaying.
if magic_quotes_gpc is ON: don't use addslashes() or similar when saving
into the db, use stripslashes() when displaying.
My recommendation: set magic_quotes_gpc to OFF and handle your string
Real e-mail address unavailable. 5000+ spams per month.