> -----Original Message----- > From: ed [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, August 14, 2002 1:48 PM > To: [EMAIL PROTECTED] > Subject: [PHP] addslashes() and stripslashes() > > > Is it a good idea to always use addslashes() on a > value gathered from a text field or textarea?
Yes, always. > If you use addslashes() to "INSERT" the stuff into a > db, should you always use stripslashes() when you > "SELECT" it from the database? No, the slashes are there for so the SQL engine can separate the data from the sql statement. What's inserted or updates is the pre-addslashes value. Generally, if you don't addslashes() the sql statement won't execute. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
