FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » store backslash in mysql database
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: store backslash in mysql database [message #170729 is a reply to message #170677] Wed, 17 November 2010 10:53 Go to previous messageGo to previous message
Helmut Chang is currently offline  Helmut Chang
Messages: 22
Registered: September 2010
Karma:
Junior Member
Am 14.11.2010 20:08, schrieb Jerry Stuckle:
> On 11/13/2010 3:41 AM, Helmut Chang wrote:
>> Am 13.11.2010 04:28, schrieb Jerry Stuckle:

That's, what you wrote:

>>> mysql_real_escape_string() won't change backslashes.

That's, what the manual says:

>> | mysql_real_escape_string() calls MySQL's library function
>> | mysql_real_escape_string, which prepends backslashes to the following
>> | characters: \x00, \n, \r, \, ', " and \x1a.

So the function escapes a backslash.

> You're correct on the specific case of "\n" and I am incorrect. However,
> please read more closely. It does NOT handle every other instance of a
> backslash - it doesn't, for instance, handle \t or \b, both of which are
> valid control characters. In fact, it only handles 5 specific cases.

Sorry, here you confuse the *string* "\t" with the *Tab*-Character,
which can be expressed in PHP by writing:

$data = "A\tB";

This string internally contains no backslash. It contains three
characters. You wrote:

| mysql_real_escape_string() won't change backslashes. It has no way
| to know if, for instance, "\n" is a newline character or a backslash |
and an n.

And I wrote, that it does. And it's irrelevant, that
mysql_real_escape_string() does not escape a tab-character, because
there's no need to. But it must escape a backslash-character, because
mysql itself treats a backslash also as an escaping character:

INSERT INTO foo (bar) VALUES 'A\tB';
INSERT INTO foo (bar) VALUES 'A B';

are equivalent.

But if you want to insert a string "\t", the backslash must be escaped:

INSERT INTO foo (bar) VALUES 'A\\tB';

Here's a script:

<?php
$string1 = "A B";
$string2 = "A\tB";
$string3 = 'A\tB';

var_dump($string1);
var_dump($string2);
var_dump($string3);

$conn = mysql_connect('localhost', 'root', 'xxx');

$escapedString1 = mysql_real_escape_string($string1, $conn);
$escapedString2 = mysql_real_escape_string($string2, $conn);
$escapedString3 = mysql_real_escape_string($string3, $conn);

var_dump($escapedString1);
var_dump($escapedString2);
var_dump($escapedString3);

mysql_select_db('test');

$query = "INSERT INTO CharTest (CharColumn) VALUES ('%s')";

mysql_query(sprintf($query, $escapedString1));
mysql_query(sprintf($query, $escapedString2));
mysql_query(sprintf($query, $escapedString3));

$result = mysql_query('SELECT CharColumn FROM CharTest');
while ($row = mysql_fetch_assoc($result))
var_dump($row['CharColumn']);

mysql_free_result($result);
mysql_close($conn);
?>
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: website url as input how to create and save image on server in php?
Next Topic: Cannot write utf8 data into a utf8 column
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sun Nov 10 15:07:32 GMT 2024

Total time taken to generate the page: 0.04241 seconds