David Krings wrote:
Rob Marscher wrote:
Here's what you want:
$filepath-db-escaped = mysql_real_escape_string($filepath);
This escapes it on it's way into the database and the database knows
at that point to remove the extra slashes and other escape characters
that were added via mysql_real_escape_string. So no need to call an
extra stripslashes or anything like that after you retrieve it from
the database.
So, you are saying when I use mysql_real_escape_string() I do not have
to use stripslashes when pulling the stuff out with a SELECT? Gee, I
didn't know that. I use mysql_real_escape_string all the time except for
those cases where I know I will have important slashes in the string (as
is the case with a file path).
Success! That indeed works as advertised. Really disappointing as I was
not only staring at it, but (falsely) using it all the time. That
explains also why one of my other scripts acts wonky once in a while.
Again, thank you very much!
David
_______________________________________________
New York PHP Community MySQL SIG
http://lists.nyphp.org/mailman/listinfo/mysql
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php
