|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #7630 ereg_replace or preg_replace
Submitted: 2000-11-03 17:57 UTC Modified: 2000-11-05 06:37 UTC
From: bmonro at ccbill dot com Assigned:
Status: Closed Package: Unknown/Other Function
PHP Version: 4.0.3pl1 OS: freeBSD
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: bmonro at ccbill dot com
New email:
PHP Version: OS:


 [2000-11-03 17:57 UTC] bmonro at ccbill dot com
I have an HTML text input field generated by my php code:
	print "<input type=text name=varname>";

the script is accepting the input just fine.

I then need to pass the variable into a mysql database query.

This is where it barfs. 

it is putting backslashes before any single quotes i put in the text field.  So I tried using ereg_replace and preg_replace to replace the backslash with nothing (i.e. empty string).  but to no avail

here is what happens:

if I type this in the input box:

	login_id = 'username'

it sends this to the mysql query:
	login_id = \'username\'

ereg_replace and preg_replace are both getting messed up on the backslash. 



Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2000-11-05 06:37 UTC]
1. Turn off magic_quotes in your php.ini
2. To enter backslash into regular expression, double it. Like this: "\\\\". Yes, I know this is ugly, that's how escaping works. 
3. Please do not use bug database to ask PHP questions. Use it if you are *sure* there's a bug. For PHP questions, there's
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Wed Jul 24 04:01:31 2024 UTC