Helpful Information
Home
Categories
Contact us
Category: PHP
addslashes() adding to many slashes ?
how come when i do this:
$text = "(SELECT * FROM EMP WHERE EMPNAME = 'SMITH')"
<?php
if($do == "1")
{
echo addslashes($text);
}
?>
i get this:
(SELECT * FROM EMP WHERE EMPNAME = \\\'SMITH\\\')
well you dont ... i.e.
<?
$text = "(SELECT * FROM EMP WHERE EMPNAME = 'SMITH')" ;
$do=1;
if($do == "1")
{
echo addslashes($text);
}
?>
returns
(SELECT * FROM EMP WHERE EMPNAME = \\'SMITH\\')
however if you are sending $text via POST or GET vars then PHP will automagically addslashes for you (which you are then escaping again) , so if thats the case just don't addslashes!
oh.........duh........ thanks :thumbsup:
privacy (GDPR)