Try

$link = addslashed($HTTP_SESSION_VARS["HREF"])
and then use $link in the sql insert

and..
stripslashes(query result)
when you retrieve the value and need to display it on the page.

hth
andre

brendan wrote:

> hello,
> i have hit a major stumbling block and am now getting really 
> frustrated.. if someone could point me in the right direction i would 
> really appreciate it..
>
> - i have a set of forms across a number of pages
> - the user enters data into each of the forms and these are placed in 
> a session variable
> - at the completion of form entry the session variables are supposed 
> to be passed to a mysql database
> - one of the variables is a URL for some reason the form entry the 
> data is encoded so that a full stop '.' is changed into an AT '@'
> - I have tried urlencoding and decoding the session, using str_replace 
> for the @ .. adding slashes
> - for some reason this just wont work ..
> ...
>
> help?
> ...
>
>
> i.e Adds form post to session
>  if (is_array($HTTP_POST_VARS)) {
>      while (list($var, $value) = each($HTTP_POST_VARS)) {
>      session_register($var);
>      $HTTP_SESSION_VARS[$var]=$value;
>
>      }
>     }
>
>
> i.e adds session to database (simplified so as to find problem)
>
> $title =stripslashes($HTTP_SESSION_VARS["title"]);
> $href= $HTTP_SESSION_VARS["HREF"];
> $fee =stripslashes($HTTP_SESSION_VARS["fee"]);
>
>  $result= mysql_query("INSERT INTO links (Title, Hyperlink,fee) VALUES 
> ('$title','$href','$fee')") or die(mysql_error());
>                               print $result;
>
>



-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to