Facebook  Twitter 

SMFHacks.com

+- +-

SMFHacks.com

+- User Information

Welcome, Guest.
Please login or register.
 
 
 
Forgot your password?

+- Forum Stats

Members
Total Members: 12209
Latest: esoterico
New This Month: 17
New This Week: 9
New Today: 1
Stats
Total Posts: 39237
Total Topics: 6906
Most Online Today: 180
Most Online Ever: 2482
(April 09, 2011, 07:02:45 pm)
Users Online
Members: 0
Guests: 52
Total: 52

Author Topic: Recording apostrophes into tables  (Read 156 times)

0 Members and 1 Guest are viewing this topic.

Offline shuban

  • Hero Member
  • *****
  • Posts: 645
    • View Profile
    • Biology Forums - For All Your Science Needs
Recording apostrophes into tables
« on: August 08, 2018, 04:27:44 pm »
Is it fine to record data containing apostrophe characters rather than their HTML codes?

Offline SMFHacks

  • Administrator
  • Hero Member
  • *****
  • Posts: 14645
    • View Profile
Re: Recording apostrophes into tables
« Reply #1 on: August 08, 2018, 04:39:45 pm »
As long as the database is escaped you can place it into the database.
Get your Forum Ranked! at https://www.forumrankings.net - find out how your forum compares with others!

Like What I do? Support me at https://www.patreon.com/vbgamer45/

Offline shuban

  • Hero Member
  • *****
  • Posts: 645
    • View Profile
    • Biology Forums - For All Your Science Needs
Re: Recording apostrophes into tables
« Reply #2 on: August 08, 2018, 05:20:50 pm »
That being said, I have a code that reads the URL with $_GET. Can you tell me if this is enough to protect from SQL injection?

$context['string'] = !empty($_GET['t']) ? trim(addslashes(stripslashes(un_htmlspecialchars($_GET['t'])))) : 0;

Code: [Select]
$dbresult = db_query("
SELECT column1
FROM {$db_prefix}TABLE_NAME
WHERE column1 LIKE '%".$context['string']."%'
LIMIT 1", __FILE__, __LINE__);

Offline SMFHacks

  • Administrator
  • Hero Member
  • *****
  • Posts: 14645
    • View Profile
Re: Recording apostrophes into tables
« Reply #3 on: August 08, 2018, 06:04:21 pm »
That should  be pretty good. since it escapes the ''s
Get your Forum Ranked! at https://www.forumrankings.net - find out how your forum compares with others!

Like What I do? Support me at https://www.patreon.com/vbgamer45/

 

Related Topics

  Subject / Started by Replies Last post
0 Replies
2216 Views
Last post February 13, 2008, 11:41:59 pm
by Rebecca
3 Replies
4150 Views
Last post August 06, 2012, 02:33:17 pm
by tank_fv101
6 Replies
2491 Views
Last post October 01, 2014, 11:54:27 am
by shuban

+- Recent Topics

banner visible only to admin by SMFHacks
Today at 02:45:55 pm

message editor pro by dan42101
October 19, 2018, 11:26:45 pm

multiple currencies bug by SMFHacks
October 19, 2018, 09:45:49 pm

Looking for ideas for next SMF Classifieds by SMFHacks
October 19, 2018, 04:41:48 pm

Turn off Download Stats? by SMFHacks
October 18, 2018, 12:12:28 pm

KARMA Badge by SMFHacks
October 17, 2018, 11:17:16 pm

remove the boards ? by SMFHacks
October 16, 2018, 03:08:00 pm

Upgraded to pro - some features not working? by SMFHacks
October 16, 2018, 10:21:38 am

SMF lottery mod by SMFHacks
October 13, 2018, 08:02:41 am

Error after adding Russian translation by SMFHacks
October 08, 2018, 04:10:41 pm

Powered by EzPortal