質問

I have the simple need of allowing users to enter an apostrophe into various fields that will be saved to a MySQL table via PHP. When a user looks at this information, I would like it to be echoed out without a /. What is the best way to handle this. Below are my ideas:

  • set stripslashes when echoing out content
  • Convert the apostrophe to "'" back and forth

I am also running mysql_real_escape_string and htmlspecialchars on the posted data. Is there a standardized way of handling this? Thank you!

役に立ちましたか?

解決

You may use addslashes() for entering apostrophe and as you have already said use stripslashes() for echoing. Use addslashes() only if you want to add apostrophes for more escaping functions used mysql_real_escape_string

ライセンス: CC-BY-SA帰属
所属していません StackOverflow
scroll top