ROCKINDANO Posted March 30, 2011 Share Posted March 30, 2011 i have a php form where users can update db. but when the input has a <a href=""></a> input, it generates back slashes on the web. below is the results after the input. <a href=\'\\\"images/gallery/storyslideshow/ppic-5 (1).jpg\'\\\" rel=\'\\\"lyteshow[featgallery]\'\\\" title=\'\\\"\'\\\">View Slideshow</a><br><br> i have a this on my updating code mysql_real_escape_string($_POST["fulldesc"]); Quote Link to comment Share on other sites More sharing options...
JustLikeIcarus Posted March 30, 2011 Share Posted March 30, 2011 Take a look at this function. Should shed some light on your issue. http://php.net/manual/en/function.stripslashes.php Quote Link to comment Share on other sites More sharing options...
ROCKINDANO Posted March 30, 2011 Author Share Posted March 30, 2011 don't think this works when inserting into a database? Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted March 30, 2011 Share Posted March 30, 2011 You don't want to arbitrarily apply stripslashes to data being pulled from a database. If slashes are coming out of the database, the problem usually likely exists before the point at which the data is being inserted. You should make sure magic_quotes_gpc is Off in your php.ini file, if you're able to do so. If you want to write code that's portable, when escaping data for insertion, first check for magic_quotes_gpc, and if it's On, apply stripslashes before escaping the data. If it's not On, escape the data normally without using stripslashes on it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.