|
PHP - Stripslashes
when i update something it doesnt show when i click on the page i updated in and i add stripslashes to remove the \
if i remove the stripslashes i get the \ and i dont like that Code: [Select] <?php if(isset($_POST['update'])){ require "scripts/connect.php"; // Set some values to go into the table fields for this person(record) $intro = stripslashes($_POST ['intro']); $latestnews = stripslashes($_POST ['latestnews']); $maincontent = stripslashes($_POST ['maincontent']); $mainvideos = stripslashes($_POST ['mainvideos']); echo "Good Job $username you have UPDATED SUCCESSFULLY!!"; } // Build the sql command string $sqlCommand = "UPDATE content SET intro='$intro', latestnews='$latestnews', maincontent='$maincontent', mainvideos='$mainvideos'"; // Execute the query here now $query = mysql_query($sqlCommand); ?> Similar TutorialsContent still displays slashes in front of quote. What am I doing wrong? Thanks. { $row = $rs->GetRowAssoc(false); $photos[$i]["id"] = $row["id"]; $photos[$i]["photo_path"] = $config_index["homepage_photos_path"]."/".stripslashes($row["photo"]); $photos[$i]["description"] = stripslashes($row["descr"]); if ($row['type'] == 'l') $photos[$i]["link"] = stripslashes($row["link"]); elseif ($row['type'] == 'p') $photos[$i]["poll"] = get_poll($row['link']); $rs->MoveNext(); $i++; } OK, I am confused a little. I have a script which processes the form data and then uploads it to the mysql database. Simple. Only problem I have is when the textbox is filled with anything with a " it adds a \ before it. example: Have a "great" day is now Have a \"Great\" day So I thought maybe it could be the striplashes. My code isnt working though. Any ideas peoples? CODE: <?php mysql_connect("localhost", "xxxxxxxx", "xxxxxxxxxxxx") or die(mysql_error()); mysql_select_db("xxxxxxxxxxxxx") or die(mysql_error()); $title = stripslashes(trim($_POST['title'])); $content = stripslashes(trim($_POST['content'])); $title = mysql_real_escape_string(trim($_POST['title'])); $content = mysql_real_escape_string(trim($_POST['content'])); $what_id=$_POST['what_id']; mysql_query("UPDATE homepage SET title='$title', content='$content' WHERE id = '1'") or die(mysql_error()); include 'updatedhyperlink1.php'; ?> Hi everyone, I have been building my first admin from scratch, and am going quite well. But now i have a problem that i can't resolve. The website is basically a library of quotes that users can submit, the admin then needs to approve and edit them before they are published on the site. I have the admin built, and can display all the records and delete, but am having a problem with the update. If the quote has a ' in the text it throws an error. If it doesn't it updates fine. There needs to a cleaning function or something applied, and as i am still learning i am lost to how to do this, I added the addslashes but it still throws the error. Code below. case 'updatequote'; $db_name = "auth"; $table_name = "quotes"; $connection = @mysql_connect("localhost", "root", "testing") or die(mysql_error()); $db = @mysql_select_db($db_name, $connection) or die(mysql_error()); foreach($_POST as $input) { $_POST['array_key'] = addslashes($input); } $sql = "UPDATE $table_name SET artist = '$artist',song = '$song',quote = '$quote' WHERE quoteid = ".$_REQUEST['quoteid'].""; $result = @mysql_query($sql,$connection) or die(mysql_error()); echo "Quote Edited Successfully"; break; I have this small piece of a query, there is a var $fulltxt in it that I need to stripslashes for, how would the code look? Code: [Select] $query1 = "SELECT distinct link_id, url, title, description, $fulltxt, size FROM ".$mysql_table_prefix."links WHERE link_id in ($inlist)"; $result = mysql_query($query1); echo mysql_error(); Thanks in advance! Simple question about slashes. If a user uses slashes in their text will all of them be removed using 'stripslashes' function or only the ones that have the ' to the right of the slashes. ? sorry posted before its time..... peoples names like... o'grady o'murphy shows on the screen as o\'grady and o\'murphy |
|||||||