Another Way To Use Mysql_real_escape_string Instead Trim(stripslashes(

This Page Contains information about Another Way To Use Mysql_real_escape_string Instead Trim(stripslashes( By wallpaperama in category MySQL with 7 Replies. [887], Last Updated: Sat May 18, 2024

wallpaperama

Sun Feb 10, 2008

7 Comments

2634 Visits

sometimes mysql doesn't let you insert data into your database unless its cleaned.

an good way to do this is with the function: mysql_real_escape_string()

example: mysql_real_escape_string($_POST['somedata'])

but its better to use this instead:
trim(stripslashes($_POST['somedata']))

WARNING: but if you have a website, you MUST use mysql_real_escape_string() for security

i20

Sat Jul 18, 2009

first it's not strip but addslashes to escape illegal characters and second nothing can replace mysql_real_escape_string() for stop injection because this function has been created exactly to protect your mysql_query!! "trim(stripslashes($_post['someda is a joke!

horrified

Tue Jun 02, 2009

stripslashes, to sanatise pre-db entry?

is this site a hacking site wanting people to have hghly insecure scripts?

anyone reading this, forget add and strip slashes. use mysql_real_escape_string()

i you get slashes from php from some other place, then use stripslashes by all means

This

Sat Feb 21, 2009

this is horribly wrong, do not use this advice.

shawn

Thu Feb 19, 2009

this is wrong... the function would be addslashes. e.g., trim(addslashes($_post['somedata'

erew

Mon Aug 04, 2008

what.is

Mysql Query: UPDATE Database SET This=this+2 WHERE This Greater Than Value;

Another Way To Use Mysql_real_escape_string Instead Trim(stripslashes(

Related Pages