str_replace problems

darkvirus

I'm trying to put information from a user into a database, i cant just use simple mysql queries to put data in such as ' and " and \ that users might put into the input form.

Ive been using str_replace to search for these an change them so they can put a \ infront so they can put the characters in

the code im using so far is:

$change = "\\";
$to = "\\\\";
$newtext = str_replace($change, $to, $a_row[post_text]);
$change2 = array("\"", "'");
$to2 = array("\\\"", "\'");
$newtext2 = str_replace($change2, $to2, $newtext);

the problem im having is it will change ' to \' so it can put it in the database but it then seems to then run the first one str_replace and change it to \' so it wont put it in the database

example:
if the user puts the word "it's" in the form, i get errors and it will show the error in the word "it\'s

paulnaj

Try the function addslashes() and its associates.

seby

addslashes($a_row['post_text'])

thats all you need. if you need more help, post the query and i'll fix it.