caveats when storing HTML inside mysql database as text (PHP)

hi i'm just wondering if you guys do this, and if so, should i still escape quotes? i just saw that mysql can actually store things as is, without escape quotes, however some engines automatically add a quote (maybe due to magic quotes turned on). is this still necessary or is it still advisable to escape the quotes then remove them upon output?

php html

asked Oct 10 '11 at 07:48

whatever
1.1k●1●3●29

What kind of HTML data would you like to store in the database?

(Oct 10 '11 at 14:46) Randell ♦♦

blog posts - html paragraphs, i plan to store an entire layout structure. design tags - bold, italic, strong, etcetera.

(Oct 10 '11 at 15:25) whatever

One Answer:

oldest newest most voted

I think there shouldn't be a problem as long as you can retrieve it exactly as it is. That's why magic quotes is actually deprecated and discouraged for 6.x.

The main use of it is just so strings doesn't end prematurely when running queries and iirc, the slash doesn't actually gets inserted in db.

link

answered Oct 10 '11 at 21:00

Marconi
928●9

edited Oct 10 '11 at 21:05

Your answer

toggle preview

community wiki

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

*italic* or __italic__
**bold** or __bold__
link:[text](http://url.com/ "title")
image?![alt text](/path/img.jpg "title")
numbered list: 1. Foo 2. Bar
to add a line break simply add two spaces to where you would like the new line to be.
basic HTML tags are also supported

learn more about Markdown

Tags:

php ×64
html ×9

Asked: Oct 10 '11 at 07:48

Seen: 758 times

Last updated: Oct 10 '11 at 21:05

caveats when storing HTML inside mysql database as text (PHP)

Follow this question

Related questions