Page 1 of 1

slashes problem

Posted: Mon Feb 04, 2008 11:26 am
by itsmani1
Hello
Please check: http://beta.cmela.com/pro_view.php?pid=59

In product description you will see slashes i used stripshashes but still no luck.

I have another idea of using htmlspecialchars function like:

Code: Select all

$new = htmlspecialchars('15.5" color TV/Free Shipping', ENT_QUOTES);
Basically my requirement is to able to allow user to put following character like single quote, double quote, slahses (' " / \) in db but no hacking or sql injection should occur.

any help

thank you

Re: slashes problem

Posted: Mon Feb 04, 2008 12:59 pm
by Christopher
You need to use the database specific escaping function. You can also convert characters to HTML entities. Also check your database setting for character set. The database may retain or remove the escaped characters depending on the settings.

Re: slashes problem

Posted: Wed Feb 06, 2008 2:49 am
by itsmani1
tables type: InnoDB
MySQL charset: UTF-8 Unicode (utf8)

i have a check of string count, if the submitted string is less than 50 characters then it will give me error message, now the problem is if i submitted '15.5" new / used tv' this will give error but if i try to display it in html field this will not show complete string.

thank you