|
| Home | Accessibility | Courses | Diary | The Mouth | Forum | Resources | Site Map | About Us | Contact |
|
addslashes v mysql_real_escape_string in PHP  One of the most popular pages on our website is the one that shows you how to upload an image and store it in a database. And the associated demonstration showing you how to view images via a PHP script from a MySQL database is very popular too. An image may contain and ASCII characters at all ... so you can't just take the image data that you uploaded and put it into the MySQL INSERT statement - special characters such as NULL, and the double quote character, will cause problems - at best like the illustration you see accompanying this posting, and at worst you would leave yourself vulnerable to an injection attack. PHP provides a number of routines to allow you to add in extra characters to the uploaded image to protect the special characters from the database handler and ensure the data does truly get inserted into the database. addslashes use to work very nicely before the days of different character encoding - but it can't cope with that encoding in more recent MySQL versions and should no longer be used ... mysql_escape_string adds in appropriate slashes but it doesn't take care of the current encoding type if it's none-default; this function was deprecated at PHP 4.3.0 and replace by the one you should use ... mysql_real_escape_string which adds in the appropriate protection taking into proper account the current encoding. If you're using the mysqli functions rather than the mysql ones, you should use mysqli_real_escape_string which is just an alias to mysql_real_escape_string (written 2008-07-27 00:49:02) Associated topics are indexed under H309 - PHP - Maps, Graphics and GeographicsS158 - GUI tools for MySQL
Some other Articles
A short Perl exampleEquality and looks like tests - Perl Hot Courses - Perl A future vision for Melksham addslashes v mysql_real_escape_string in PHP Bath - Melksham - Devizes. Bus route changes, new timetable PHP examples - source code and try it out too Perl 6 - When will we have a production release? Some Ruby lesser used functions A special day - last Friday in July |
1892 posts, page by page
Link to page ... 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38 at 50 posts per pageThis is a page archived from The Horse's Mouth at http://www.wellho.net/horse/ - the diary and writings of Graham Ellis. Every attempt was made to provide current information at the time the page was written, but things do move forward in our business - new software releases, price changes, new techniques. Please check back via our main site for current courses, prices, versions, etc - any mention of a price in "The Horse's Mouth" cannot be taken as an offer to supply at that price.
Link to Ezine home page (for reading).
Link to Blogging home page (to add comments).
PH: 0800 043 8225 or 01225 708225 • FAX: 0845 8382 405 or 01225 707126 • EMAIL: info@wellho.net • WEB: http://www.wellho.net • SKYPE: wellho