Posted by Pugi! on 08/13/07 13:12

Before I save input from a form to a database I use (after input
filtering) mysql_real_escape_string.
This means that blabla 'blabla' ... -> blabbla \'blabla\' ...
To display this data from database in browser, I use stripslashes and
htmlentities.
So far so good.

But what if input is for example a location:
D:\data\folder\file.exe. Escaped this becomes D:\\data\\folder\
\file.exe
No problem here, but how can I display this in a browser again ?
Stripslashes removes \ as well as \\, so I am left with
D:datafolderfile.exe This is not what I want, I want it to show D:\data
\folder\file.exe.


Pugi!

• Next in forum: Re: output escaping problem
• Prev in forum: Re: Remote connection by proxy script.
• Thread view: output escaping problem

[Reply to this message]