| Re: store backslash in mysql database [message #170688 is a reply to message #170673] |
Sun, 14 November 2010 23:09   |
Peter
Messages: 15
Registered: March 2003
Karma:
|
Junior Member |
|
|
In article <4ce02cdd$0$19902$91cee783(at)newsreader03(dot)highway(dot)telekom(dot)at>,
usenet(at)helmutchang(dot)at says...
> Am 14.11.2010 18:11, schrieb Peter:
>
>> Well, I wouldn't exactly have called it a bug. It was a script that I
>> found on the internet and it's possible the original creator didn't have
>> it in mind to store the data in a mysql database. And as I didn't write
>> the script, who knows?
>
> And who wrote the script, that stores the encrypted value incorrect in
> the database?
>
>> As to debugging the script, it uses some maths functions including ord
>> to convert the original data into the encrypted data. So, I'm not sure
>> how the function is supposed to know what the outcome of the encryption
>> is going to be before it knows what the input is?
>
> The bug is not in the part of the encryption script. It is in the part,
> where the encrypted data is stored to the database.
>
>> So, all I could potentially do, as I see it, is include an extra:
>>
>> if, char converted to backslash, then change to a different char.
>
> No! Haven't you read the other answers, concerning
> <http://www.php.net/manual/en/function.mysql-real-escape-string.php>?
>
> There are some characters in strings and blobs, that have to be escaped
> when used in a (My)SQL query. And it's not only the backslash. This
> function does it for you in the correct way! *But*: The escape sequences
> are *not* stored in the database. So when you fetch the value again, it
> is exactly as you want it.
>
Sorry, I got a little thrown of the scent here for
mysql_real_escape_string when the disagreements started. I've now taken
a look at the function and it does seem ideal for my purposes.
--
Pete Ives
Remove All_stRESS before sending me an email
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]