Escaping/Unescaping - what's the best way to do it? — PHP SQL

You are here: Escaping/Unescaping - what's the best way to do it? « PHP SQL « IT news, forums, messages

Posted by no on 09/30/75 11:17

Hi

I use mysql_escape_string() to escape all my form-entered fields,
mainly to prevent malicious code injection. But what is the best way
to unescape them in the code? I can see stripslashes() does the job,
but it seems very cumbersome and i'd need to stripslashes() every
field after every SELECT, which seems a real pain in the ass.

What do most of you do with SELECTed data? Do you have a
function/class and unescape the fields in there - or do you unescape
them at the stage when the data is displayed/used?

Thanks
Chris R.

Navigation:

Next in forum: search string
Prev in forum: Strings passed in are blank
Thread view: Escaping/Unescaping - what's the best way to do it?

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация