Re: [PHP] Performance of magic_quotes_gpc ??

2004-12-20 Thread Richard Lynch
Michael Gale wrote: I am working on a ticket tracking system and using htmlentities and htmlspecialchars on text that gets inserted into the database. code I have: --snip-- if ((isset($_POST['tentry_body'])) AND strlen($_POST['tentry_body']) 5) { $query .= tentry_body = ' .

[PHP] Performance of magic_quotes_gpc ??

2004-12-19 Thread Michael Gale
Hello, I am working on a ticket tracking system and using htmlentities and htmlspecialchars on text that gets inserted into the database. code I have: --snip-- if ((isset($_POST['tentry_body'])) AND strlen($_POST['tentry_body']) 5) { $query .= tentry_body = ' .

Re: [PHP] Performance of magic_quotes_gpc ??

2004-12-19 Thread Robert Cummings
On Sun, 2004-12-19 at 18:31, Michael Gale wrote: Hello, I am working on a ticket tracking system and using htmlentities and htmlspecialchars on text that gets inserted into the database. code I have: --snip-- if ((isset($_POST['tentry_body'])) AND strlen($_POST['tentry_body'])

Re: [PHP] Performance of magic_quotes_gpc ??

2004-12-19 Thread Jordi Canals
Hi, a couple of comments: --snip-- htmlentities(htmlspecialchars($_POST['tentry_body'])) . '; --snip-- Why are you using both htmlentities and htmlspecialchars? Think that html only converts some entities while htmlentities converts all ... so, for your purposes, apliying only one could do

Re: [PHP] Performance of magic_quotes_gpc ??

2004-12-19 Thread Michael Gale
Hello, Thanks for all of the responses ... I am going to use mysql_real_escape_string. Michael. Jordi Canals wrote: Hi, a couple of comments: --snip-- htmlentities(htmlspecialchars($_POST['tentry_body'])) . '; --snip-- Why are you using both htmlentities and htmlspecialchars? Think that html