[thelist] PHP addslashes() Problem

Tarrant Costelloe taz at insur-e.net
Thu Nov 7 05:43:02 CST 2002


I have a page in php which is displaying a var named $message, as an example
let's say:

> $message="Hello \"World\"";

So on previewing the variable I'm getting.

> Hello "World"

All works fine, however if from the preview page they choose to accept their
shown message (Hello "World"), they click a button named "Publish". The code
looks like such:

<input type="hidden" name="message" value="<? echo $message; ?>">
<input type="submit" name="frmaddblog" value="Publish Blog">

(As you can see I am parsing the message variable across to the other
function from within a hidden input box named also message)

Now on the next function picked up in isset(frmaddblog) I add the $message
into the database, if I was to do so with example previously mentioned it
would look like this: Hello
And completely miss out everything from the quotes onwards, in this case
"World". As you would expect, so I change the code as such by adding
slashes:

> // Add slashes
> $message = addslashes($message);

> <input type="hidden" name="message" value="<? echo $message; ?>">
> <input type="submit" name="frmaddblog" value="Publish Blog">

And now on inserting $message into the database I get:

> Hello \\

So please please someone explain for me a work around to get it to insert a
message even if the user has written something within quotes.

Kind Regards

Taz



More information about the thelist mailing list