mysql_escape_string()

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
php3ch0
Forum Contributor
Posts: 212
Joined: Sun Nov 13, 2005 7:35 am
Location: Folkestone, Kent, UK

mysql_escape_string()

Post by php3ch0 »

HI Everyone how do I un escape string the data ?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

User avatar
php3ch0
Forum Contributor
Posts: 212
Joined: Sun Nov 13, 2005 7:35 am
Location: Folkestone, Kent, UK

Post by php3ch0 »

Thanks

Works great
User avatar
Jenk
DevNet Master
Posts: 3587
Joined: Mon Sep 19, 2005 6:24 am
Location: London

Post by Jenk »

on a side note - if all has gone well with the escaping, then the use of stripslashes() should notbe necessary. (if you are having to escape after extraction from DB that is.) Have you checked if magic_quotes_gpc is on before escaping?

Code: Select all

<?php

function SqlClean ($string)
{
    if (get_magic_quotes_gpc()) {
        $string = stripslashes($string);
    }

    return mysql_real_escape_string($string);
}

$query = "SELECT `column` FROM `table` WHERE `column` = '" . SqlClean($value) . "'");

?>
User avatar
Maugrim_The_Reaper
DevNet Master
Posts: 2704
Joined: Tue Nov 02, 2004 5:43 am
Location: Ireland

Post by Maugrim_The_Reaper »

Or magic_quotes_runtime even...
User avatar
Jenk
DevNet Master
Posts: 3587
Joined: Mon Sep 19, 2005 6:24 am
Location: London

Post by Jenk »

but not instead.
Post Reply