FUDforum: comp.lang.php » Form fields to database and back?

Home » Imported messages » comp.lang.php » Form fields to database and back?

Show: Today's Messages :: Polls :: Message Navigator

Re: Form fields to database and back? [message #174567 is a reply to message #174563]

Sat, 18 June 2011 01:01

Jerry Stuckle
Messages: 2598
Registered: September 2010

Karma:

Senior Member

On 6/17/2011 7:52 PM, bobmct wrote:
> All good points everyone, of course. But with extensive testing today
> here's what I had to end up with for consistent results:
>
> From field to database I used mysql_real_escape_string.
>
> When I look at the actual data stored in the db field that function
> inserted backslashes before each double quote.
>

Then you have done something else, like used addslashes() somewhere.
Alternatively, magic_quotes_gpc may be set on your server (it should NOT
be; it has been deprecated for years and will be removed in PHP 6). But
mysql_real_escape_string() will not cause backslashes to be added to the
data in the database; when you retrieve the data it will be exactly as
it originally was.

> To display the retrieved db field I ran it through htmlspecialchars()
> but the backslashes still remained. I had to use stripslashes to
> remove them.
>

That's because you did something else beforehand which is invalid.

> And no, this is NOT a cms. Its a stando alone database update program.
>
> Works for now.
>
> And a general comment on nesting functions vs individual lines...
>
> I've been coding for many decades and quite often, including prior to
> this project, I have had to trudge through code written by others.
> When one has no idea about the code and no documentation let alone
> self documented code, nested functions are difficult to decode.
>
> Of course it can be done but I've learned that when programs are
> running on 16 core 48GB RAM systems, it makes little difference in
> performance but a whole LOT of difference for the next person to
> understand.
>
> Just my $.02 worth.

PHP does not allow nested functions. I'm not sure where that came up
(you didn't quote the relevant text).

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================

Report message to a moderator

[Message index]

		Form fields to database and back? By: bobmct on Fri, 17 June 2011 00:36
		Re: Form fields to database and back? By: The Natural Philosoph on Fri, 17 June 2011 00:43
		Re: Form fields to database and back? By: Jerry Stuckle on Fri, 17 June 2011 01:03
		Re: Form fields to database and back? By: Jerry Stuckle on Fri, 17 June 2011 01:02
		Re: Form fields to database and back? By: bobmct on Fri, 17 June 2011 02:34
		Re: Form fields to database and back? By: Jerry Stuckle on Fri, 17 June 2011 03:50
		Re: Form fields to database and back? By: bobmct on Fri, 17 June 2011 11:09
		Re: Form fields to database and back? By: bobmct on Fri, 17 June 2011 15:18
		Re: Form fields to database and back? By: Jerry Stuckle on Fri, 17 June 2011 20:44
		Re: Form fields to database and back? By: alvaro.NOSPAMTHANX on Fri, 17 June 2011 11:28
		Re: Form fields to database and back? By: Thomas 'PointedEars' on Fri, 17 June 2011 20:03
		Re: Form fields to database and back? By: bobmct on Fri, 17 June 2011 23:52
		Re: Form fields to database and back? By: Jerry Stuckle on Sat, 18 June 2011 01:01
		Re: Form fields to database and back? By: Captain Paralytic on Wed, 22 June 2011 16:05
		Re: Form fields to database and back? By: Jerry Stuckle on Wed, 22 June 2011 17:15
		Re: Form fields to database and back? By: Thomas 'PointedEars' on Sat, 18 June 2011 06:35

Previous Topic:	free computer ebooks updated daily
Next Topic:	IP address and empty $_FILES

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Thu Sep 19 16:45:22 GMT 2024

Total time taken to generate the page: 0.04101 seconds