i got a string rocks
$rocks=" With ( this one command, you can determine ) if the majority of the code has + been designed to rely on register globals. If grep yields a great number of matches, it’s likely that superglobals aren’t needed and can be safely disabled. On the other hand, - if the application is large and the command fails to return any or few | lines, you probably \have quite a/ bit for work to do to “mod- ernize” the program’s >input processing< mechanism."
How can i avoid special characters from a string ?
How 2 avoid special characters from a string
Moderator: General Moderators
- Christopher
- Site Administrator
- Posts: 13596
- Joined: Wed Aug 25, 2004 7:54 pm
- Location: New York, NY, US
Re: How 2 avoid special characters from a string
( You're ) post + does not \make/ much "sen-se".
You can use functions like str_replace(), preg_replace(), htmlentities(), htmlspecialchars() to remove/translate characters in strings.
You can use functions like str_replace(), preg_replace(), htmlentities(), htmlspecialchars() to remove/translate characters in strings.
(#10850)
- AbraCadaver
- DevNet Master
- Posts: 2572
- Joined: Mon Feb 24, 2003 10:12 am
- Location: The Republic of Texas
- Contact:
Re: How 2 avoid special characters from a string
Your string roxorz!
mysql_function(): WARNING: This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQLextension should be used. See also MySQL: choosing an API guide and related FAQ for more information.
Re: How 2 avoid special characters from a string
Thanks a lot
This is what i did
// Cleaning the Strings before inserting to database
$rocks = preg_replace('/[^(\x20-\x7F)]*/','', $rocks);
$rocks = preg_replace('/[^a-zA-Z0-9-]/', ' ', $rocks);
$rocks = preg_replace('/^[-]+/', ' ', $rocks);
$rocks = preg_replace('/[-]+$/', ' ', $rocks);
$rocks = preg_replace('/[-]{2,}/', ' ', $rocks);
This is what i did
// Cleaning the Strings before inserting to database
$rocks = preg_replace('/[^(\x20-\x7F)]*/','', $rocks);
$rocks = preg_replace('/[^a-zA-Z0-9-]/', ' ', $rocks);
$rocks = preg_replace('/^[-]+/', ' ', $rocks);
$rocks = preg_replace('/[-]+$/', ' ', $rocks);
$rocks = preg_replace('/[-]{2,}/', ' ', $rocks);
Re: How 2 avoid special characters from a string
Wow, you're really afraid of that - sign, aren't you?
If you want to insert the string safely in a database, use the built-in database escape mechanism. For mysql, this would be mysql_real_escape_string()
Removing random characters from the string without understanding the problem is simply begging for trouble.
If you want to insert the string safely in a database, use the built-in database escape mechanism. For mysql, this would be mysql_real_escape_string()
Removing random characters from the string without understanding the problem is simply begging for trouble.
Re: How 2 avoid special characters from a string
Code: Select all
mysql_real_escape_string($rocks)Re: How 2 avoid special characters from a string
Code: Select all
$rocks = mysql_real_escape_string($rocks);Almost. It is required, but not sufficient.Does mysql escape string enough for security ?????
Re: How 2 avoid special characters from a string
[text]so can you tell me how to secure it properly !!! Actually that string is a feedback which is taken from user.....so i want to clean it before inserting it ....[/text]