Surpass Web Hosting Forums - View Single Post

H · July 1st, 2008, 10:47 PM

If you're using mysql_real_escape_string(), you shouldn't have to worry about using stripslashes() at all. Add from what I remember, you actually want to use addslashes() before submitting content to the database, as it's adding slashes to escape potentially harmful stuff. You'd use stripslashes() on the output end when you use mysql_real_escape_string().

It's been a while since I've mucked around with PHP, so if anyone is aware of any reason you'd want to use both, please chip in.

July 1st, 2008, 10:47 PM	#9 (permalink)
H after g, before i Resident. Joined in Jul 2004 Lives in N,BC,CA 8,079 posts Gave thanks: 48 Thanked 131 times	If you're using mysql_real_escape_string(), you shouldn't have to worry about using stripslashes() at all. Add from what I remember, you actually want to use addslashes() before submitting content to the database, as it's adding slashes to escape potentially harmful stuff. You'd use stripslashes() on the output end when you use mysql_real_escape_string(). It's been a while since I've mucked around with PHP, so if anyone is aware of any reason you'd want to use both, please chip in.