Another Way To Use Mysql_real_escape_string Instead Trim(stripslashes(

This Page Contains information about Another Way To Use Mysql_real_escape_string Instead Trim(stripslashes( By wallpaperama in category MySQL with 7 Replies. [887], Last Updated: Sat May 18, 2024

wallpaperama

Sun Feb 10, 2008

7 Comments

2634 Visits

sometimes mysql doesn't let you insert data into your database unless its cleaned.

an good way to do this is with the function: mysql_real_escape_string()

example: mysql_real_escape_string($_POST['somedata'])

but its better to use this instead:
trim(stripslashes($_POST['somedata']))

WARNING: but if you have a website, you MUST use mysql_real_escape_string() for security

i20

Sat Jul 18, 2009

first it's not strip but addslashes to escape illegal characters and second nothing can replace mysql_real_escape_string() for stop injection because this function has been created exactly to protect your mysql_query!! "trim(stripslashes($_post['someda is a joke!

horrified

Tue Jun 02, 2009

stripslashes, to sanatise pre-db entry?

is this site a hacking site wanting people to have hghly insecure scripts?

anyone reading this, forget add and strip slashes. use mysql_real_escape_string()

i you get slashes from php from some other place, then use stripslashes by all means

This

Sat Feb 21, 2009

this is horribly wrong, do not use this advice.

https://www.wallpaperama.com/forums/another-way-to-use-mysql-real-escape-string-instead-trimstripslashes-t5712.html

shawn

Thu Feb 19, 2009

this is wrong... the function would be addslashes. e.g., trim(addslashes($_post['somedata'

erew

Mon Aug 04, 2008

what.is

Mysql Query: UPDATE Database SET This=this+2 WHERE This Greater Than Value;

Another Way To Use Mysql_real_escape_string Instead Trim(stripslashes(

Related Pages