Organizational Research By

Surprising Reserch Topic

Experts Most Trusted Topic


decoding mysql real escape string for outputting html using -'php,sql-injection,html-encode,mysql-real-escape-string'


decoding mysql real escape string for outputting html  using -'php,sql-injection,html-encode,mysql-real-escape-string'

I'm trying to protect myself from sql injection and am using:

mysql_real_escape_string($string);


When posting HTML it looks something like this:

<span class="\&quot;className\&quot;">
<p class="\&quot;pClass\&quot;" id="\&quot;pId\&quot;"></p>
</span>


I'm not sure how many other variations real_escape_string adds so don't want to just replace a few and miss others... How do I "decode" this back into correctly formatted HTML, with something like:

html_entity_decode(stripslashes($string));

    

asked Sep 7, 2015 by rajesh
0 votes
41 views



Related Hot Questions



Walkin Jobs Opening



Government Jobs Opening


...