Dan Baker wrote:
You are looking for the "addslashes" function. It prepares data for database querys:

Better yet, don't use addslashes(). Use the escaping function that is specific to the database you're using. In this case, it's mysql_real_escape_string(). This is much better than using addslashes() because it takes into account the current character set of the database connection.

http://www.php.net/mysql_real_escape_string

Also, you will need to use the "removeslashes" function when you get data from a query.

If you properly store data to a database, you should never have to use the stripslashes() function. Using stripslashes() will remove slashes that were intended to be in the output. Hint: turn off magic_quotes_gpc.

--
Ben Ramsey
http://benramsey.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to