Posted by Good Man on 10/16/07 17:01

"Rik Wasmus" <luiheidsgoeroe@hotmail.com> wrote in
news:op.t0autvy75bnjuv@metallium.lan:

> On Tue, 16 Oct 2007 18:32:12 +0200, <redog6@hotmail.com> wrote:
>
>> Hi
>> I have a webform with many free text fields and have a problem with
>> apostrophes and single quotes as this breaks the mysql query string.
>>
>> I obviously need to escape these characters - magic_quotes_gpc sounds
>> ideal but is not an option as I don't have access to the php.ini file
>> and it is currently set to 0.
>>
>> I could use either addslashes or mysql_real_espcape_string but do I
>> have to apply this to every field individually or is there a way to do
>> it to all in one go?
>> Any advice on the most suitable method and how to do it in one go
>> would be greatly appreciated.
>
>
> http://www.php.net/array_map is your friend.

just make sure not to apply it to form variables which are arrays!

• Next in forum: Re: addslashes, mysql_real_escape_string or magic_quotes_gpc?
• Prev in forum: Re: addslashes, mysql_real_escape_string or magic_quotes_gpc?
• Thread view: Re: addslashes, mysql_real_escape_string or magic_quotes_gpc?

[Reply to this message]