Page 1 of 1

hmm, what do i do with /// and ""?

Posted: Thu Jun 20, 2002 6:00 pm
by qads
:?
this is a sql statment, but i guess you know that :P

Code: Select all

$sql = "INSERT INTO q_comments (section, title,name,email,comment,script_id,date) VALUES ('$sec', '$com_title', '$user10', '$email1', "$comments", '$s_id', '$date')";
first, it did't let me enter ' in to $comments, so i add \" \" round it, then it did't let enter "
so i used $comments = addslashes($comments); to add \ to "

so now if some one uses " in $comments i get alot of \\\.

how can i fix this so it can take " and ' without any \


lol, i just find it funny for some reason :? :?

Posted: Fri Jun 21, 2002 2:25 am
by twigletmac
When you do your insert:

Code: Select all

$comments = addslashes($comments);
$sql = "INSERT INTO q_comments (section, title,name,email,comment,script_id,date) VALUES ('$sec', '$com_title', '$user10', '$email1', '$comments', '$s_id', '$date')";
and to get the information ready to display:

Code: Select all

$comments = htmlspecialchars(stripslashes($comments));
You have to have the slashes to put the information into the database so you use stripslashes() to get rid of them at the other end. htmlspecialchars() is also useful for changing things like &, < and > into html entities so that they can be displayed.

Mac

Posted: Fri Jun 21, 2002 7:10 am
by qads
thanks, it came to me after i turned my computer off :evil:

so i am useing just stripslashes();.