|
|
Posted by musiccomposition on 12/16/53 11:57
mysqli_real_escape_string() or mysql_real_escape_string should take out
all the characters that would affect MYSQL
Wim Cossement wrote:
> Hello,
>
> I was wondering if there are a few good pages and/or examples on how to
> process form data correctly for putting it in a MySQL DB.
>
> Since I'm not used to using PHP a lot, I already found out that
> addslashes() can be used escape some characters, but I'm having some
> more problems with for instance ä, å and µ (since the text is scientifical)
> Now some people also throw in htmlspecialchars() to convert those to
> HTML entities, but some nest htmlspecialchars() in addslashes() and
> others do the opposite.
>
> Is there a good and error proof way of ensuring that what one puts in a
> textarea gets stored and can be retrieved safe and sound?
>
> Thanks in advance,
>
> Wimmy
>
> --
> Being owned by someone used to be called slavery.
> Now it's called commitment.
[Back to original message]
|