Re: [PHP] Escape Data In/Out of db [solved]

2009-04-11 Thread Shawn McKenzie
Shawn McKenzie wrote: > tedd wrote: >>> I think you want to look for magic_quotes_gpc >>> >>> >>> -- >>> Thanks! >>> -Shawn >> >> -Shawn: >> >> You were right. >> >> I'll fix it. >> >> Thanks, >> >> tedd > > I normally have a prep4display() and prep4store() type function that do > all of the sens

Re: [PHP] Escape Data In/Out of db [solved]

2009-04-11 Thread Shawn McKenzie
tedd wrote: >> I think you want to look for magic_quotes_gpc >> >> >> -- >> Thanks! >> -Shawn > > > -Shawn: > > You were right. > > I'll fix it. > > Thanks, > > tedd I normally have a prep4display() and prep4store() type function that do all of the sensitization/prep for either storing or display

Re: [PHP] Escape Data In/Out of db [solved]

2009-04-11 Thread Shawn McKenzie
tedd wrote: > At 9:12 PM -0700 4/9/09, Jim Lucas wrote: >> tedd wrote: >>> At 5:03 PM +0200 4/9/09, Jan G.B. wrote: You might want to use htmlspecialchars($str, ENT_QUOTES) >>> >>> OUT from db to html >>> >>> and >>> mysql_real_escape_string(stripslashes($_POST['yourself'])); >>> >>

Re: [PHP] Escape Data In/Out of db [solved]

2009-04-10 Thread tedd
At 9:12 PM -0700 4/9/09, Jim Lucas wrote: tedd wrote: At 5:03 PM +0200 4/9/09, Jan G.B. wrote: You might want to use htmlspecialchars($str, ENT_QUOTES) OUT from db to html and mysql_real_escape_string(stripslashes($_POST['yourself'])); The above tells me that you probably need to look

Re: [PHP] Escape Data In/Out of db [solved]

2009-04-09 Thread Jim Lucas
tedd wrote: At 5:03 PM +0200 4/9/09, Jan G.B. wrote: You might want to use htmlspecialchars($str, ENT_QUOTES) OUT from db to html and mysql_real_escape_string(stripslashes($_POST['yourself'])); The above tells me that you probably need to look at your magic quotes setting. Typically,

Re: [PHP] Escape Data In/Out of db [solved]

2009-04-09 Thread tedd
At 5:03 PM +0200 4/9/09, Jan G.B. wrote: You might want to use htmlspecialchars($str, ENT_QUOTES) OUT from db to html and mysql_real_escape_string(stripslashes($_POST['yourself'])); IN to db from html Thanks, that worked. Cheers, tedd -- --- http://sperling.com http://ancientst

Re: [PHP] Escape Data In/Out of db

2009-04-09 Thread Jan G.B.
2009/4/9 tedd : > Hi gang: -.- > > I'm gathering information from a user, storing that data in a db, and then > showing it back to the user. It's a simple process and can bee seen here in > this address book demo (not real people): > > http://php1.net/a/edit-db-demo > > I gather information from

[PHP] Escape Data In/Out of db

2009-04-09 Thread tedd
Hi gang: I'm gathering information from a user, storing that data in a db, and then showing it back to the user. It's a simple process and can bee seen here in this address book demo (not real people): http://php1.net/a/edit-db-demo I gather information from the user via a $_POST[]; like thi