Paulo Silva
Reputation: 33
How to prevent SQL to store escape character with single quote character
I need to store text strings that will have single quote at beginning and end. I'm issuing JavaScript command from PHP. I'm adding the quotes to the string like this:
echo '<script type="text/javascript">';
echo 'function GetCodes() {';
echo 'var vlist = document.getElementById("vListOfCodes");';
echo 'var vcodes = "";';
echo 'var i;';
echo 'for (i = 0; i < vlist.length; i++) {';
echo 'if (i == 0) {';
echo 'vcodes = vcodes + "\'" + vlist.options[i].value + "\'";';
echo '}';
echo 'else {';
echo 'vcodes = vcodes + ",\'" + vlist.options[i].value + "\'";';
echo '}';
echo '}';
echo 'document.getElementById("vStringOfCodes").value = vcodes;';
echo '}';
echo '</script>';
When the form is posted and the $_POST['vStringOfCodes'] data saved to SQL SERVER table the backslash character is added along with the single quote, meaning instead of a value in the field of
'mystring',´mystring2',...
i have
\'mystring\',\'mystring2\',...
How can i prevent those backslashes from being added there?
Upvotes: 0
Views: 65
Answers (1)
Cemal
Reputation: 1579
You can use php native function stripslashes.
$str = "\'mytext\'";
echo stripslashes($str);
//outputs 'mytext'
//in your case
echo stripslashes($_POST['HiddenInput'])
Upvotes: 1
Related Questions
- How to prevent a SQL Injection escaping strings
- SQL Server Escape String
- How to escape strings in SQL Server using PHP?
- Handling special characters in and out of mysql
- How to escape single quotes in php for tsql string (ms sql)
- How do you escape quotes in a sql query using php?
- How to show double quotes " " in php?
- How to prevent escape characters in MySQL varchar inserted by PHP PDO via jQuery AJAX
- How to escape symbols in SQL query?
- Escaping Mysql special character string with javascript