tricking javascript to accept ' after removing sql's slashes
Posted: Wed Oct 29, 2003 1:20 pm
i'm having a bit of a problem with that.
original, very flawed, codechange i made to try to get it to give javascript ''yet this still gives it to javascript as '
any suggestions?
original, very flawed, code
Code: Select all
foreach($desires as $desire){
$frnd=$desire['fun']; $comm=stripslashes($desire['cof']);
echo " <br><a href="profile.php?un=$frnd" target="_parent" onMouseOver="window.status='$comm'; return true;">$frnd</a>\n";
}Code: Select all
foreach($desires as $desire){
$frnd=$desire['fun']; $comm=preg_replace("/''/", "\\''", stripslashes($desire['cof']));
echo " <br><a href="profile.php?un=$frnd" target="_parent" onMouseOver="window.status='$comm'; return true;">$frnd</a>\n";
}any suggestions?