I'm gathering information from a user, storing that data in a db, and
then showing it back to the user. It's a simple process and can bee
seen here in this address book demo (not real people):
I gather information from the user via a $_POST; like this:
$last_name = trim($_POST['last_name']);
Then I pass it through mysql_real_escape_string() like so --
$last_name = mysql_real_escape_string($last_name);
-- and then I put that data into my table via an UPDATE.
Then when I pull data from the table, I do this --
$last_name = htmlentities($row['last_name']);
-- and show that data to the user. That's what I'm supposed to do right?
So, why is it that when I enter the name "O'Brian", the entry comes
So what's wrong and how do I fix it?
PS: I know that I'm supposed to know this, but that part of my brain
is on vacation -- I can't afford for all of me to go on vacation at
http://sperling.com http://ancientstones.com http://earthstones.com
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php