#1
  1. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2000
    Posts
    12
    Rep Power
    0
    Hi,

    I have a simple MySQL & PHP3 guestbook.
    It works fine, but there are problems if a user add text containing ` or / or " or { or ] or + or )

    Is there a universal method that allows save & secure data input of any symbols into MySQL/PHP3 guestbook and then display them correctly?

    Thanks in advance.

    Roman
  2. #2
  3. Banned (not really)
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 1999
    Location
    Brussels, Belgium
    Posts
    14,642
    Rep Power
    4476
    From the PHP manual:

    string addslashes(string str);

    Returns a string with backslashes before characters that need to be quoted in database queries etc. These characters are single quote ('), double quote ("), backslash () and NUL (the null byte).


    string rawurlencode(string str);

    Returns a string in which all non-alphanumeric characters except

    -_.
    have been replaced with a percent (%) sign followed by two hex digits. This is the encoding described in RFC1738 for protecting literal characters from being interpreted as special URL delimiters, and for protecting URL's from being mangled by transmission media with character conversions (like some email systems). For example, if you want to include a password in an ftp url:

    Each of these has a function that converts that data back to the original, also.

    Hope this helps.

    ---John Holmes
    ---www.SepodatiCreations.com

  4. #3
  5. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    May 2000
    Posts
    12
    Rep Power
    0
    Dear John,

    Thank You for Your help.

    Roman

    <BLOCKQUOTE><font size="1" face="Verdana,Arial,Helvetica">quote:</font><HR>Originally posted by SepodatiCreations:
    From the PHP manual:

    string addslashes(string str);

    Returns a string with backslashes before characters that need to be quoted in database queries etc. These characters are single quote ('), double quote ("), backslash () and NUL (the null byte).


    string rawurlencode(string str);

    Returns a string in which all non-alphanumeric characters except

    -_.
    have been replaced with a percent (%) sign followed by two hex digits. This is the encoding described in RFC1738 for protecting literal characters from being interpreted as special URL delimiters, and for protecting URL's from being mangled by transmission media with character conversions (like some email systems). For example, if you want to include a password in an ftp url:

    Each of these has a function that converts that data back to the original, also.

    Hope this helps.

    ---John Holmes
    ---www.SepodatiCreations.com

    [/quote]

Similar Threads

  1. Replies: 2
    Last Post: February 15th, 2004, 08:59 AM
  2. Replies: 3
    Last Post: May 1st, 2002, 07:59 AM
  3. Disappearing data! (and other strangeness)
    By whoop in forum MySQL Help
    Replies: 0
    Last Post: July 24th, 2001, 12:01 PM
  4. How to save data as it was entered
    By quiquedcode in forum PHP Development
    Replies: 1
    Last Post: June 16th, 2001, 11:14 AM
  5. Replies: 4
    Last Post: May 31st, 2001, 10:04 AM

IMN logo majestic logo threadwatch logo seochat tools logo