FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Form fields to database and back?
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Form fields to database and back? [message #174567 is a reply to message #174563] Sat, 18 June 2011 01:01 Go to previous messageGo to previous message
Jerry Stuckle is currently offline  Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
Senior Member
On 6/17/2011 7:52 PM, bobmct wrote:
> All good points everyone, of course. But with extensive testing today
> here's what I had to end up with for consistent results:
>
> From field to database I used mysql_real_escape_string.
>
> When I look at the actual data stored in the db field that function
> inserted backslashes before each double quote.
>

Then you have done something else, like used addslashes() somewhere.
Alternatively, magic_quotes_gpc may be set on your server (it should NOT
be; it has been deprecated for years and will be removed in PHP 6). But
mysql_real_escape_string() will not cause backslashes to be added to the
data in the database; when you retrieve the data it will be exactly as
it originally was.


> To display the retrieved db field I ran it through htmlspecialchars()
> but the backslashes still remained. I had to use stripslashes to
> remove them.
>

That's because you did something else beforehand which is invalid.

> And no, this is NOT a cms. Its a stando alone database update program.
>
> Works for now.
>
> And a general comment on nesting functions vs individual lines...
>
> I've been coding for many decades and quite often, including prior to
> this project, I have had to trudge through code written by others.
> When one has no idea about the code and no documentation let alone
> self documented code, nested functions are difficult to decode.
>
> Of course it can be done but I've learned that when programs are
> running on 16 core 48GB RAM systems, it makes little difference in
> performance but a whole LOT of difference for the next person to
> understand.
>
> Just my $.02 worth.

PHP does not allow nested functions. I'm not sure where that came up
(you didn't quote the relevant text).

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: free computer ebooks updated daily
Next Topic: IP address and empty $_FILES
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Tue Nov 26 11:55:23 GMT 2024

Total time taken to generate the page: 0.04748 seconds