I don't need to use addslashes, just stripslashes in my view.
public function insert($data)
{
$data = array(
'nome' => $data['nome'],
'email' => $data['email'],
'sobre' => $data['sobre']
);
return parent::insert($data);
}
But, there is a way to turn this task (stripslashes) automatic?
Hector Virgen wrote:
>
> How are you inserting that into the database? Here's one way to do it that
> should work:
>
> $id = $db->insert('mytable', array(
> 'theString' => "I'm both entrepeneaur and..."
> ));
>
> Note that this method automatically builds the SQL and escapes the values
> for me -- no need to use addslashes() or mysql_real_escape_string().
>
> Also, have you verified that magic quotes is off? You can run this code to
> check:
>
> Zend_Debug::dump(get_magic_quotes_gpc());
>
> --
> Hector
>
>
> On Wed, Feb 24, 2010 at 5:34 PM, Keyne <[email protected]> wrote:
>
>>
>> I have the same issue. Magic quotes is off.
>>
>> My result looks like: "I\'m both entrepreneur and..."
>> The database row looks like this too: "I\'m both entrepreneur and..."
>>
>> And to get the data I use $this->fetchAll()->toArray();
>>
>> Then I need to use stripslashes.
>>
>> What I need to do to avoid this?
>>
>>
>> Mark Steudel wrote:
>> >
>> > Have you looked to see if magic_quotes are on?
>> >
>> > On Wed, Feb 24, 2010 at 1:03 PM, Jurian Sluiman
>> > <[email protected]> wrote:
>> >> On Sunday 21 Feb 2010 21:43:04 troels knak-nielsen wrote:
>> >>> If that's the case, then you have double escaping going on. The data
>> >>> should not contain the slash once it's in the database. The point of
>> >>> adding the slash is to "protect" the data when it's embedded in *the
>> >>> query*. That is also why you don't have to (and indeed should not)
>> >>> unescape anything when reading from the database. The slashes are
>> >>> *only* there because you're embedding data in a query.
>> >>>
>> >>> Compare this with a string literal in php. Given the following:
>> >>>
>> >>> echo "A \"double\" quote";
>> >>>
>> >>> Running this php code will output:
>> >>>
>> >>> A "double" quote
>> >>>
>> >>> That's because the *data* doesn't contain any slashes. The slashes
>> are
>> >>> there so that the php parser can read the literal string. Once they
>> >>> have been read into memory, the slashes are gone. Same thing with
>> sql.
>> >>
>> >> (sorry for my late reaction)
>> >>
>> >> So actually it isn't the data *retrieval* but rather the *insertion*
>> if
>> I
>> >> understand you right? The things I do are 99% from the manual:
>> >>
>> >> * Database initialized by application resource (db params: host,
>> >> username,
>> >> passwd, db name, isDefault = true)
>> >> * Data into model (My_Model_Name) and saves it into mapper
>> >> (My_Model_NameMapper).
>> >> * Mapper has DbTable obj, My_Model_DbTable_Name and extends
>> >> Zend_Db_Table_Abstract
>> >> * Data is saved through Zend_Db_Table_Abstract::insert() or
>> >> Zend_Db_Table_Abstract::update() methods
>> >>
>> >> After calling the method the strings are in the database like I said
>> (so
>> >> _with_ quotes). What's are the things I can look after (php settings,
>> >> mysql
>> >> settings, system settings) to solve this problem?
>> >>
>> >> Thanks in advance,
>> >> Jurian
>> >> --
>> >> Jurian Sluiman
>> >> CTO Soflomo V.O.F.
>> >> http://soflomo.com
>> >>
>> >
>> >
>> >
>> > --
>> >
>> > -----------------------------------------
>> > Mark Steudel
>> > P: 206.375.7244
>> > [email protected]
>> >
>> > . : Work : .
>> > http://www.mindfulinteractive.com
>> >
>> > . : Play : .
>> > http://www.steudel.org/blog
>> >
>> >
>>
>> --
>> View this message in context:
>> http://n4.nabble.com/Escape-stripslashes-and-html-entities-tp1562340p1568393.html
>> Sent from the Zend Framework mailing list archive at Nabble.com.
>>
>
>
--
View this message in context:
http://n4.nabble.com/Escape-stripslashes-and-html-entities-tp1562340p1568423.html
Sent from the Zend Framework mailing list archive at Nabble.com.
