Remove Slashes from MySQL Database that MySQL Escape String put in

Forum Moderators: coopster

Message Too Old, No Replies

Remove Slashes from MySQL Database that MySQL Escape String put in

joshkraemer

5:18 pm on Dec 4, 2007 (gmt 0)

I have a php form that grabs data entered and inserts it into a mysql databse.

Here we grab the data: (there's roughly 30 form fields, which equals 30 variables)

$var1 = $_REQUEST['var1'];
$var2= $_REQUEST['var2'];
$var3= $_REQUEST['var3'];

Here we escape the quotes:

$var1 = mysql_real_escape_string($var1);
$var2 = mysql_real_escape_string($var2);
$var3 = mysql_real_escape_string($var3);

Question 1: Can I combine $_REQUEST and mysql_real_escape_string into one line (especially since I have 30 variables)?

Question 2: mysql_real_escape_string adds slashes to the database. Is there a way to remove these slashes before the data is entered into the database without defeating the purpose of the mysql_real_escape_string? Could it be done on the same line as well?

Thank you very much!

eelixduppy

5:21 pm on Dec 4, 2007 (gmt 0)

Removing the slashes from the string before entering the string into the database would defeat the purpose of escaping them in the first place. There is, however, a simpler way of escape them, and it looks something like this:


$_POST = [url=http://www.php.net/array-map]array_map[/url]("mysql_real_escape_string",$_POST);