Re: Re(2): Test (fwd)
| От | Frank Joerdens |
|---|---|
| Тема | Re: Re(2): Test (fwd) |
| Дата | |
| Msg-id | 20010615103011.A25185@rakete.joerdens.de обсуждение исходный текст |
| Ответ на | Re: Re(2): Test (fwd) ("Mitch Vincent" <mvincent@cablespeed.com>) |
| Список | pgsql-php |
On Thu, Jun 14, 2001 at 06:57:43PM -0400, Mitch Vincent wrote: > The apostrophe being a special character in PostgreSQL (and most other > databases), it needs to be escaped if you wish it to go nicely into a > query.. > addslashes() and related functions will help there. > > Another thing to keep in mine is htmlspecialchars() -- it's very useful > when someone might put a double quote in your form field -- which could > seriously mess up when you have something like <INPUT TYPE="TEXT" > NAME="Whatever" VALUE="this is what I'm "talking" about"> , sort of thing. Also note that the PHP runtime parameter magic_quotes_gpc is usually on by default which does the escaping by default. - Frank
В списке pgsql-php по дате отправления: