Page 1 of 1
hmm, what do i do with /// and ""?
Posted: Thu Jun 20, 2002 6:00 pm
by qads
this is a sql statment, but i guess you know that
Code: Select all
$sql = "INSERT INTO q_comments (section, title,name,email,comment,script_id,date) VALUES ('$sec', '$com_title', '$user10', '$email1', "$comments", '$s_id', '$date')";
first, it did't let me enter ' in to $comments, so i add \" \" round it, then it did't let enter "
so i used $comments = addslashes($comments); to add \ to "
so now if some one uses " in $comments i get alot of \\\.
how can i fix this so it can take " and ' without any \
lol, i just find it funny for some reason

Posted: Fri Jun 21, 2002 2:25 am
by twigletmac
When you do your insert:
Code: Select all
$comments = addslashes($comments);
$sql = "INSERT INTO q_comments (section, title,name,email,comment,script_id,date) VALUES ('$sec', '$com_title', '$user10', '$email1', '$comments', '$s_id', '$date')";
and to get the information ready to display:
Code: Select all
$comments = htmlspecialchars(stripslashes($comments));
You have to have the slashes to put the information into the database so you use
stripslashes() to get rid of them at the other end.
htmlspecialchars() is also useful for changing things like &, < and > into html entities so that they can be displayed.
Mac
Posted: Fri Jun 21, 2002 7:10 am
by qads
thanks, it came to me after i turned my computer off
so i am useing just stripslashes();.