Page 1 of 1
Is this okay?
Posted: Wed Dec 03, 2008 3:29 am
by mikelbring
After I run a mysql_real_escape_string on a variable is it okay to also run stripslashes? There is a reason for this and I do have magic quotes turned off.
Re: Is this okay?
Posted: Wed Dec 03, 2008 4:04 am
by jaoudestudios
I dont think so. If you run strip slashes after your mysql_real_escape_string you will be reversing and reducing your security.
Hopefully some one can clarify

Re: Is this okay?
Posted: Wed Dec 03, 2008 5:07 am
by Mordred
jaoudestudios is right. I actually think you shouldn't have any reason to use stripslashes at all. (besides countering magic quotes if the hosting will not just turn them off)