Page 1 of 1

mysql_escape_string()

Posted: Mon Jan 09, 2006 3:15 pm
by php3ch0
HI Everyone how do I un escape string the data ?

Posted: Mon Jan 09, 2006 3:42 pm
by feyd

Posted: Mon Jan 09, 2006 3:51 pm
by php3ch0
Thanks

Works great

Posted: Tue Jan 10, 2006 3:03 am
by Jenk
on a side note - if all has gone well with the escaping, then the use of stripslashes() should notbe necessary. (if you are having to escape after extraction from DB that is.) Have you checked if magic_quotes_gpc is on before escaping?

Code: Select all

<?php

function SqlClean ($string)
{
    if (get_magic_quotes_gpc()) {
        $string = stripslashes($string);
    }

    return mysql_real_escape_string($string);
}

$query = "SELECT `column` FROM `table` WHERE `column` = '" . SqlClean($value) . "'");

?>

Posted: Tue Jan 10, 2006 5:32 am
by Maugrim_The_Reaper
Or magic_quotes_runtime even...

Posted: Tue Jan 10, 2006 5:33 am
by Jenk
but not instead.