Is this okay?
Moderator: General Moderators
-
mikelbring
- Forum Commoner
- Posts: 38
- Joined: Sat Jan 05, 2008 5:28 pm
Is this okay?
After I run a mysql_real_escape_string on a variable is it okay to also run stripslashes? There is a reason for this and I do have magic quotes turned off.
- jaoudestudios
- DevNet Resident
- Posts: 1483
- Joined: Wed Jun 18, 2008 8:32 am
- Location: Surrey
Re: Is this okay?
I dont think so. If you run strip slashes after your mysql_real_escape_string you will be reversing and reducing your security.
Hopefully some one can clarify
Hopefully some one can clarify
Re: Is this okay?
jaoudestudios is right. I actually think you shouldn't have any reason to use stripslashes at all. (besides countering magic quotes if the hosting will not just turn them off)