Re: Form fields to database and back? [message #174563 is a reply to message #174555] |
Fri, 17 June 2011 23:52 |
bobmct
Messages: 16 Registered: September 2010
Karma:
|
Junior Member |
|
|
All good points everyone, of course. But with extensive testing today
here's what I had to end up with for consistent results:
From field to database I used mysql_real_escape_string.
When I look at the actual data stored in the db field that function
inserted backslashes before each double quote.
To display the retrieved db field I ran it through htmlspecialchars()
but the backslashes still remained. I had to use stripslashes to
remove them.
And no, this is NOT a cms. Its a stand alone database update program.
Works for now.
And a general comment on nesting functions vs individual lines...
I've been coding for many decades and quite often, including prior to
this project, I have had to trudge through code written by others.
When one has no idea about the code and no documentation let alone
self documented code, nested functions are difficult to decode.
Of course it can be done but I've learned that when programs are
running on 16 core 48GB RAM systems, it makes little difference in
performance but a whole LOT of difference for the next person to
understand.
Just my $.02 worth.
|
|
|