I have a bunch of HTML I want to put into a database field:
Sample:
<div id="match">
<div class="match_image">
<div class="thumbnail_block" style="float:none;width:70px;height:70px;">
<div class="thumbnail_image" style="width:68px;height:68px;">
<a href="http://website.com/sweetangel000" onmouseover="javascript:startUserInfoTimer( 3512, $(this).find('.sys-online-offline:first') )" onmouseout="javascript:stopUserInfoTimer(3512)">
<img src="http://website.com/templates/tmpl_dt_valkyrie_gold/images/spacer.gif" style="background-image:url(http://www.i-date-u.com/modules/boonex/avatar/data/images/3294.jpg);" width="64" height="64" alt="sweetangel000" title="sweetangel000" />
<img src="http://website.com/templates/tmpl_dt_valkyrie_gold/images/icons/sys_status_offline.png" alt="Offline" title="Offline" class="sys-online-offline" onclick="showFloatUserInfo(3512, $(this)); return false;" width="12" height="12" />
</a>
</div>
I want to sort of bypass the single quotes but addslashes() destroys the email that is sent later.
Is there another way to do this?
You’ll need to run it through a sanitizing function (or, better yet, use parameterized queries). For MySQL, it’s mysql_real_escape_string. This should be done for all user input, not just HTML, to prevent SQL injection.
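The parameterized-query route mentioned in the answer above, as an added example that is not code from the original thread: the HTML is bound as a parameter with PDO, so its single quotes never reach the SQL parser and the stored value comes back unchanged for the later email. PDO is used because the mysql_* functions, including mysql_real_escape_string, were removed in PHP 7. The table name `matches`, the column `body`, and the in-memory SQLite database are assumptions made so the example runs offline.

```php
<?php
// Added example. Table and column names are hypothetical.
// SQLite in memory keeps this runnable offline; for MySQL only the DSN changes,
// e.g. new PDO('mysql:host=...;dbname=...;charset=utf8mb4', $user, $pass).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE matches (id INTEGER PRIMARY KEY, body TEXT NOT NULL)');

// Constructed sample, shortened from the markup in the question.
// The nowdoc keeps it literal, including the single quotes and "$(this)".
$html = <<<'HTML'
<a href="http://website.com/sweetangel000" onmouseover="javascript:startUserInfoTimer( 3512, $(this).find('.sys-online-offline:first') )" onmouseout="javascript:stopUserInfoTimer(3512)">
HTML;

// The statement text contains only a placeholder. The value is sent
// separately, so quotes inside it are data and are never parsed as SQL.
$insert = $pdo->prepare('INSERT INTO matches (body) VALUES (:body)');
$insert->execute([':body' => $html]);
$id = (int) $pdo->lastInsertId();

// Read the row back the same way, binding the id instead of concatenating it.
$select = $pdo->prepare('SELECT body FROM matches WHERE id = :id');
$select->execute([':id' => $id]);
$stored = $select->fetchColumn();

// The stored value is byte-for-byte what was inserted, so it can be used
// directly as the email body.
echo 'round trip unchanged: ';
var_dump($stored === $html);

// addslashes() rewrites the data itself. If that modified copy is what gets
// mailed, the added backslashes go out with it.
echo 'addslashes() leaves value unchanged: ';
var_dump(addslashes($html) === $html);
```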