htmlspecialchars OR stripslashes

Discussion in 'PHP' started by roice, Nov 9, 2010.

0
  1. #1
    Hello,
    I'm using "stripslashes" before I'm printing the data, from the DB, to screen.
    The reason is because my users may input words like Mike's phone and in the DB it's save as Mike\'s phone (because I'm also use "mysql_real_escape_string" when I'm input the data in the DB) , so function "stripslashes()" actually fix it.

    Am I doing worng for using "stripslashes" and not "htmlspecialchars" ?
     
    roice, Nov 9, 2010 IP
  2. nishanair

    nishanair Active Member

    Messages:
    188
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    53
    #2
    if you are using mysql_real_escape_string before inputting data to the DB then stripslashes is enough.
     
    nishanair, Nov 9, 2010 IP
  3. roice

    roice Peon

    Messages:
    200
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #3
    OK, thanks
    anyone else?
     
    roice, Nov 9, 2010 IP
  4. bartolay13

    bartolay13 Active Member

    Messages:
    735
    Likes Received:
    14
    Best Answers:
    1
    Trophy Points:
    98
    #4
    mysql_real_escape_string definitely, mysql_query 's best friend. =P
     
    bartolay13, Nov 10, 2010 IP
  5. xpertdev

    xpertdev Peon

    Messages:
    54
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #5
    if you are using mysql_real_escape_string while inserting data then you must have to remove the inserted slashes, so stripslashes will definitely work for you.
     
    xpertdev, Nov 10, 2010 IP