in order to keep safe was told to use mysql_real_escape_string before sending to Mysql

Question

0

Editorial Team

Asked: May 20, 20262026-05-20T07:30:32+00:00 2026-05-20T07:30:32+00:00

in order to keep safe was told to use mysql_real_escape_string before sending to Mysql

0

in order to keep safe was told to

use mysql_real_escape_string before sending to Mysql if i’d be displayed

well i do:

....

   $b = mysql_real_escape_string($b);
   $r_int = mysql_real_escape_string($r_int);
   $r_ext= mysql_real_escape_string($r_ext);

   $id_tmp = $_SESSION['id'];
   $insert = "INSERT INTO table (nombre, coment, iduser,fecha)
                           VALUES ('$b','$r_int','$id_tmp',NOW())";
....

But if those values contained any <a href="where">go</a> it will turn into <a href="\where\">go</a>

and.. i can’t go! haha,

how can i solve this and keep safe?

thank you!

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-20T07:30:32+00:00

Editorial Team

2026-05-20T07:30:32+00:00Added an answer on May 20, 2026 at 7:30 am

stripslashes function of PHP

echo stripslashes($string);

takes out the slashes and displays it like it was originally

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

in order to keep safe was told to use mysql_real_escape_string before sending to Mysql

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply