Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
Thread: stripslashes / addslahes
09-05-2007, 03:57 AM #1
- Join Date
- Mar 2006
- Thanked 0 Times in 0 Posts
stripslashes / addslahes
I have a form which users fill out, and it get's emailed to me... If they say write 'James O'Reilly' it was coming to me as 'James O'/Reilly' so I added the following and it worked...
$name = stripslashes($_POST['name']);
$name = addslahes($_POST['name']);
09-05-2007, 04:24 AM #2
- Join Date
- Apr 2007
- Philadelphia, PA, USA
- Thanked 258 Times in 254 Posts
Don't insert with addslashes(), insert using mysql_real_escape_string()... assuming you're using MySQL.
Magic Quotes is obviously on and is addslashes()'ing your _POST data, then you were re-addslashes()'ing it before insert, hence the back-slashes before the single-quotes (not forward-slashes after the single-quotes as you have typed).PHP Code:
// grab... only stripslashes if they're added
$name = get_magic_quotes_gpc() ? stripslashes( $_POST['name'] ) : $_POST['name'];
$insert = sprintf
'INSERT INTO table ( name ) VALUES ( \'%s\' )',
mysql_real_escape_string( $name )
mysql_query( $insert );
Here's a great resource for beginner programmers:
Last edited by kbluhm; 09-05-2007 at 04:44 AM.