will not have any slashes embedded in normal
> circumstances, so there is no reason to stripslashes() any data coming from
> a database column...
>
> Rich
> -Original Message-
> From: Dash McElroy [mailto:dash.php@;westonefcu.org]
> Sent: 08 November 2002 16:53
> To:
Elroy [mailto:dash.php@;westonefcu.org]
Sent: 08 November 2002 16:53
To: 'Zeus'; [EMAIL PROTECTED]
Subject: RE: [PHP-WIN] mysql_fetch_array problem
Zeus,
2 notes:
1. Data you insert into a database should be addslashes($varname) first (or
another encoding) to protect against MySQL injection vulnerab
Zeus,
2 notes:
1. Data you insert into a database should be addslashes($varname) first (or
another encoding) to protect against MySQL injection vulnerabilities. A nice
stripslashes($varname) on the way out gets rid of the slashes. You could
also use urlencode($varname) and urldecode($varname). He
