textarea protection

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
lexhue
Forum Newbie
Posts: 2
Joined: Tue Sep 12, 2006 3:04 pm

textarea protection

Post by lexhue »

I’m new to php and need a simple solution or have one explained in plain English, Please.

I have textareas on a page and need for the user to be able to use ' or " and another character on the keyboard without causing problems. The information is then submitted to a mysql database.


I have tried looking this up but I dont really even know what keywords i should be using. Is there some type of make safe command I use when describing the textarea or what?
Is it the addslashes command and if so where would this go?


Any help would be greatly appreciated


Thank you

Lex
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

mysql_real_escape_string().. we have many threads of example usage laying around.
lexhue
Forum Newbie
Posts: 2
Joined: Tue Sep 12, 2006 3:04 pm

Post by lexhue »

THANK YOU :D
User avatar
Maugrim_The_Reaper
DevNet Master
Posts: 2704
Joined: Tue Nov 02, 2004 5:43 am
Location: Ireland

Post by Maugrim_The_Reaper »

If the content should contain no html, and it will be read from MySQL for display in a browser - htmlentities() is something to look into.
Post Reply