homepage Welcome to WebmasterWorld Guest from 54.227.41.242
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
Remove Slashes from SQL statement?
Prior to inserting into database
alcheme

10+ Year Member



 
Msg#: 8435 posted 4:40 am on May 31, 2005 (gmt 0)

I use a form to insert comments into a database.

How do I get rid of the slashes around quotes(/""/) before it gets inserted into my database?

SQL statement:

$sql = "INSERT INTO data (comments) VALUES ('$comments')";

How do I prevent the slashes with quotes from being inserted into the database when the comments are submitted?

i.e. this is an example /"quote"/. Should read: this is an example "quote".

~Shane

p.s. Normally its never a problem but occassionally I get some strange comment submitted that is full of slashes around quotes. Maybe someone copied the information and pasted it into the form... i don't know.

 

grandpa

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 8435 posted 5:08 am on May 31, 2005 (gmt 0)

To remove slashes you may find the stripslashes() [us3.php.net] function useful.

ironik

5+ Year Member



 
Msg#: 8435 posted 5:10 am on May 31, 2005 (gmt 0)

At a guess you might have magic quotes enabled, but the slashes are forward instead of back..? maybe someone can explain that one...

At a guess, I'd say have a go using mysql_escape_string() and see if that better prepares the string for use in your SQL statment.

alcheme

10+ Year Member



 
Msg#: 8435 posted 5:20 am on May 31, 2005 (gmt 0)

Hi Grandpa,

I have tried different versions of stripslashes() like this one below but it did not work if I did a test:

stripslashes ($comments);

$sql = "INSERT INTO data (comments) VALUES ('$comments')";

alcheme

10+ Year Member



 
Msg#: 8435 posted 5:24 am on May 31, 2005 (gmt 0)

Hi Ironik,

Oops I meant back slashes '\' not forward slashes '/.

~Shane

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved