Facebook  Twitter 

SMFHacks.com

+- +-

SMFHacks.com

+- User Information

Welcome, Guest.
Please login or register.
 
 
 
Forgot your password?

+- Forum Stats

Members
Total Members: 12298
Latest: kancelariaszuster
New This Month: 8
New This Week: 0
New Today: 0
Stats
Total Posts: 39607
Total Topics: 6977
Most Online Today: 97
Most Online Ever: 2482
(April 09, 2011, 07:02:45 pm)
Users Online
Members: 0
Guests: 33
Total: 33

Author Topic: Recording apostrophes into tables  (Read 283 times)

0 Members and 1 Guest are viewing this topic.

Offline shuban

  • Hero Member
  • *****
  • Posts: 649
    • View Profile
    • Homework Clinic - Your Academic Lifeline
Recording apostrophes into tables
« on: August 08, 2018, 04:27:44 pm »
Is it fine to record data containing apostrophe characters rather than their HTML codes?

Offline SMFHacks

  • Administrator
  • Hero Member
  • *****
  • Posts: 14832
    • View Profile
Re: Recording apostrophes into tables
« Reply #1 on: August 08, 2018, 04:39:45 pm »
As long as the database is escaped you can place it into the database.
Get your Forum Ranked! at https://www.forumrankings.net - find out how your forum compares with others!

Like What I do? Support me at https://www.patreon.com/vbgamer45/

Offline shuban

  • Hero Member
  • *****
  • Posts: 649
    • View Profile
    • Homework Clinic - Your Academic Lifeline
Re: Recording apostrophes into tables
« Reply #2 on: August 08, 2018, 05:20:50 pm »
That being said, I have a code that reads the URL with $_GET. Can you tell me if this is enough to protect from SQL injection?

$context['string'] = !empty($_GET['t']) ? trim(addslashes(stripslashes(un_htmlspecialchars($_GET['t'])))) : 0;

Code: [Select]
$dbresult = db_query("
SELECT column1
FROM {$db_prefix}TABLE_NAME
WHERE column1 LIKE '%".$context['string']."%'
LIMIT 1", __FILE__, __LINE__);

Offline SMFHacks

  • Administrator
  • Hero Member
  • *****
  • Posts: 14832
    • View Profile
Re: Recording apostrophes into tables
« Reply #3 on: August 08, 2018, 06:04:21 pm »
That should  be pretty good. since it escapes the ''s
Get your Forum Ranked! at https://www.forumrankings.net - find out how your forum compares with others!

Like What I do? Support me at https://www.patreon.com/vbgamer45/

 

Related Topics

  Subject / Started by Replies Last post
0 Replies
2267 Views
Last post February 13, 2008, 11:41:59 pm
by Rebecca
3 Replies
4221 Views
Last post August 06, 2012, 02:33:17 pm
by tank_fv101
6 Replies
2579 Views
Last post October 01, 2014, 11:54:27 am
by shuban

+- Recent Topics

[Mod] SEO Microdata Breadcrumbs by SMFHacks
March 22, 2019, 11:56:00 pm

Resizing by SMFHacks
March 22, 2019, 07:57:53 am

[Mod]Global Message Box by SMFHacks
March 19, 2019, 03:10:39 pm

condition de livraison by alain54100
March 17, 2019, 02:54:02 am

Redesign Work for SMF Store by alain54100
March 17, 2019, 02:50:32 am

Bulk upload image problem by alantani
March 14, 2019, 12:54:45 pm

German Translation missing in SMF 2.1R1 by SMFHacks
March 13, 2019, 07:08:19 pm

Gallery bug in 2.1 by SMFHacks
March 13, 2019, 08:32:32 am

Errors unstalling v7.2.1 by Ken.
March 11, 2019, 08:31:47 am

Pretty URLs and 2.1 by SMFHacks
March 07, 2019, 11:23:09 pm

Powered by EzPortal