problems with escaped data

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
jazz090
Forum Contributor
Posts: 176
Joined: Sun Apr 12, 2009 3:29 pm
Location: England

problems with escaped data

Post by jazz090 »

everytime i submit a signle or double quote to php, php escapes it with a backslash which i can stop by stripslashes()
but my question is is what i am doing correct? becuase if i dont it causes some real problems if its not removed, i jus figured there are lots of
open source applications out there that deal with so much data and it will be difficult to unescape data one by one so there must be a better way
to handle this. is there? or is there a specific way of handling this?
Cryophallion
Forum Newbie
Posts: 10
Joined: Fri Apr 24, 2009 9:05 am

Re: problems with escaped data

Post by Cryophallion »

I assume you mean single or double quote submitted to a database? If so, then yes.

As for single and double quotes in php:
If you are looking for an unfiltered string (ie, html code only, not variables etc in the string, no special characters), you can use single quotes, then concatenate them with variables or double quoted string as necessary, however, you can't use a single quote in the string, as it will think the string is ending ( 'this won't work' BUT 'this="Will work" ').

Doubles get evaluated, and you have to escape the special characters and the doubles so the string won't think it is ending. "This string="test" will stop the string at =. So, you escape it with "this string=\"test\" "

Does that clarify it?
User avatar
jazz090
Forum Contributor
Posts: 176
Joined: Sun Apr 12, 2009 3:29 pm
Location: England

Re: problems with escaped data

Post by jazz090 »

nah i just turned of magic quotes and that did the trick (i meant submitted via from to php itself)
Post Reply