Re: [PHP-DB] Slashes or no slashes
I think you should use prepared statements. Kapu -- From: Karl DeSaulniers k...@designdrumm.com Sent: Friday, August 20, 2010 12:05 AM To: php-db@lists.php.net Subject: Re: [PHP-DB] Slashes or no slashes On Aug 19, 2010, at 4:44 PM, Karl DeSaulniers wrote: On Aug 19, 2010, at 4:36 PM, Daevid Vincent wrote: You should be using http://us2.php.net/manual/en/function.mysql-escape-string.php You don't need to search with extra slashes for retrieval. -Original Message- From: Karl DeSaulniers [mailto:k...@designdrumm.com] Sent: Thursday, August 19, 2010 2:29 PM To: php-db@lists.php.net Subject: [PHP-DB] Slashes or no slashes Hello, When I add an item to my database and I use addslashes(), do I have to use addslashes() to a query that looks for that item? Or would I be adding double slashes and canceling my own result? TIA Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Ah, but lets say I am using a character set utf-8, I should use mysql_real_escape_string() instead? Best, Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php For a line like this.. return htmlspecialchars(stripslashes($this-values[$field])); would I change this to? return mysql_real_escape_string($this-values[$field]); Or do I still need the htmlspecialchars? In that case would I change it to? return htmlspecialchars(mysql_real_escape_string($this-values [$field])); TIA Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Displaying Password
Hi, You can't be serious with that. You should try The next code: $UserPassword = str_repeat(#8226;, strlen($UserPassword)); Enjoy. (I hope that you are not a programmer) -- From: Karl DeSaulniers k...@designdrumm.com Sent: Tuesday, December 22, 2009 6:12 AM To: php-db@lists.php.net Subject: [PHP-DB] Displaying Password Never mind. Got it. $replaceArray = array('a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0'); $replaceWith = array ('•','•','•','•','•','•','•','•','•','•','•','•','•','•','•','•','•','•' ,'•','•','•','•','•','•','•','•','•','•','•','•','•','•','•','•','•','•' ); $UserPassword = str_replace($replaceArray, $replaceWith, $UserPassword); //hide pasword Best, Karl DeSaulniers Design Drumm http://designdrumm.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php