Facebook  Twitter 

SMFHacks.com

+- +-

SMFHacks.com

+- User Information

Welcome, Guest.
Please login or register.
 
 
 
Forgot your password?

+- Forum Stats

Members
Total Members: 12424
Latest: serbenfiquista
New This Month: 5
New This Week: 0
New Today: 0
Stats
Total Posts: 40041
Total Topics: 7046
Most Online Today: 67
Most Online Ever: 2482
(April 09, 2011, 07:02:45 pm)
Users Online
Members: 0
Guests: 135
Total: 135

Author Topic: Recording apostrophes into tables  (Read 581 times)

0 Members and 1 Guest are viewing this topic.

Offline shuban

  • Hero Member
  • *****
  • Posts: 653
    • View Profile
    • Homework Clinic - Your Academic Lifeline
Recording apostrophes into tables
« on: August 08, 2018, 04:27:44 pm »
Is it fine to record data containing apostrophe characters rather than their HTML codes?

Offline SMFHacks

  • Administrator
  • Hero Member
  • *****
  • Posts: 15023
    • View Profile
Re: Recording apostrophes into tables
« Reply #1 on: August 08, 2018, 04:39:45 pm »
As long as the database is escaped you can place it into the database.
Get your Forum Ranked! at https://www.forumrankings.net - find out how your forum compares with others!

Like What I do? Support me at https://www.patreon.com/vbgamer45/

Offline shuban

  • Hero Member
  • *****
  • Posts: 653
    • View Profile
    • Homework Clinic - Your Academic Lifeline
Re: Recording apostrophes into tables
« Reply #2 on: August 08, 2018, 05:20:50 pm »
That being said, I have a code that reads the URL with $_GET. Can you tell me if this is enough to protect from SQL injection?

$context['string'] = !empty($_GET['t']) ? trim(addslashes(stripslashes(un_htmlspecialchars($_GET['t'])))) : 0;

Code: [Select]
$dbresult = db_query("
SELECT column1
FROM {$db_prefix}TABLE_NAME
WHERE column1 LIKE '%".$context['string']."%'
LIMIT 1", __FILE__, __LINE__);

Offline SMFHacks

  • Administrator
  • Hero Member
  • *****
  • Posts: 15023
    • View Profile
Re: Recording apostrophes into tables
« Reply #3 on: August 08, 2018, 06:04:21 pm »
That should  be pretty good. since it escapes the ''s
Get your Forum Ranked! at https://www.forumrankings.net - find out how your forum compares with others!

Like What I do? Support me at https://www.patreon.com/vbgamer45/

 

Related Topics

  Subject / Started by Replies Last post
0 Replies
2332 Views
Last post February 13, 2008, 11:41:59 pm
by Rebecca
3 Replies
4438 Views
Last post August 06, 2012, 02:33:17 pm
by tank_fv101
6 Replies
2714 Views
Last post October 01, 2014, 11:54:27 am
by shuban

+- Recent Topics

Order of photos by D4611001
Today at 12:06:36 pm

Cannot install by SMFHacks
January 18, 2020, 09:40:56 pm

Call to undefined function mysql_query() by SMFHacks
January 18, 2020, 02:06:47 pm

English British Translation file by HAL9000
January 17, 2020, 05:44:28 pm

Characters dispayed as boxes by SMFHacks
January 16, 2020, 07:21:51 am

Multiple adds where one used to be? by SMFHacks
January 07, 2020, 08:20:38 am

Ribbon Theme Logo Position by slizzie1986
January 06, 2020, 08:52:31 pm

System enhancement? by SMFHacks
January 03, 2020, 09:22:45 am

Pretty Url Pro Is it compatible with 7.2? by Rock Lee
January 01, 2020, 08:53:50 pm

SMF Cookie Change Compatibly by HDB
December 28, 2019, 03:33:49 pm

Powered by EzPortal