In my attempts to protect my database from mySQL injection I have created another problem for myself....
Currently all user inputted strings go through this function;
Code: function cleanQuery($string)
{
if(get_magic_quotes_gpc())
{
$string = stripslashes($string);
}
$string = mysql_real_escape_string($string);
$string = htmlentities($string);
return $string;
}
In the most, its great HOWEVER... there are three fields which I would like the user to be able to enter spaces in. An "About me" field for example, if it is run through the above function the new lines are replaced with a 'r' which i assume is "created" by the mysql_real_escape.
Question;
1) Should i run the function on every user variable?
2) Is there a safe "fix" or something alternative which i can run on the three fields which may require line breaks.
thanks.
breaking a text file into paragraphs based on strings
I have a text file of email addresses that is all squished together. It looks like this: abcd@gmail.comfefef@mail.comfefefef@yahoo.comfewferf@mail.net...What I want to do is insert a paragraph after
Functions Not Loading Into Div
I had some help doing some of this but what I'm trying to do is get my functions to retrieve its values from the backstagefunctions.php file and place the contents in the content div but when you
Date/Time and Checkbox
Hi Everyone, I am trying to figure out how to insert the current date and time into the database.Scenario:1) user enter my site and fills up the forum2) hits the submit button3)
Most basic form question ever?
Hello,I want to use this snippet to make sure the fields in a form are ok before processing it.Code: <FORM method="post">To:<input type="text"
PHP Programming error. Please help!
Hi there,Am making a website for a friend and have encountered a problem that i need fixing fast.I get this error when i try to run the code below: QuotePHP Error MessageWarning: Unexpected character
problem with array - multilingual page
this is my test page :Code: <?php if(isset($_GET['lang'])) { if($_GET['lang'] == "en") { require_once("languages/lang-en.php"); }
pointer 102 question
I read a book
a function to check directory depth
I'm working on a php script to upload files in to a set directory.the user can select to upload into the "upload" directory or any of its subdirectories.at the moment the user is able to
Turning Data into URLs?
This may seem very basic to you, but I'm having a hard time figuring out how to do this since I don't even know what the proper term for it is:Background info:Animals Table - animalid, name, photo,
BI in Upstream Production operations
Appreciate if you can assist in the following areas:
