Try $link = addslashed($HTTP_SESSION_VARS["HREF"]) and then use $link in the sql insert and.. stripslashes(query result) when you retrieve the value and need to display it on the page. hth andre brendan wrote: > hello, > i have hit a major stumbling block and am now getting really > frustrated.. if someone could point me in the right direction i would > really appreciate it.. > > - i have a set of forms across a number of pages > - the user enters data into each of the forms and these are placed in > a session variable > - at the completion of form entry the session variables are supposed > to be passed to a mysql database > - one of the variables is a URL for some reason the form entry the > data is encoded so that a full stop '.' is changed into an AT '@' > - I have tried urlencoding and decoding the session, using str_replace > for the @ .. adding slashes > - for some reason this just wont work .. > ... > > help? > ... > > > i.e Adds form post to session > if (is_array($HTTP_POST_VARS)) { > while (list($var, $value) = each($HTTP_POST_VARS)) { > session_register($var); > $HTTP_SESSION_VARS[$var]=$value; > > } > } > > > i.e adds session to database (simplified so as to find problem) > > $title =stripslashes($HTTP_SESSION_VARS["title"]); > $href= $HTTP_SESSION_VARS["HREF"]; > $fee =stripslashes($HTTP_SESSION_VARS["fee"]); > > $result= mysql_query("INSERT INTO links (Title, Hyperlink,fee) VALUES > ('$title','$href','$fee')") or die(mysql_error()); > print $result; > > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]