Official Everybody Edits Forums

Do you think I could just leave this part blank and it'd be okay? We're just going to replace the whole thing with a header image anyway, right?

You are not logged in.

Pages: 1

Topic closed

#1 2016-08-04 19:06:16

Kirby
Member
Joined: 2015-04-04
Posts: 4,311

\'

whenever you do a ' in rep it corrects to \' for some reason

Offline

#2 2016-08-04 19:06:48

N1KF
Wiki Mod
From: ဪဪဪဪဪ From: ဪဪဪဪဪ From: ဪဪဪဪဪ
Joined: 2015-02-15
Posts: 11,157
Website

Re: \'

It happens with " too!

Offline

#3 2016-08-04 19:08:31

Kaslai
Official Caroler
From: SEAͩT̓͑TLͯͥͧͪ̽ͧE͑̚
Joined: 2015-02-17
Posts: 787

Re: \'

It's just PHP screwing up escape characters. Nothing to see here... Move on...

Offline

#4 2016-08-04 19:11:08

drunkbnu
Formerly HG
Joined: 2017-08-16
Posts: 2,306

Re: \'

Please. You never escape on HTML with \. You use &#39 for ' and &quot for ".

Offline

#5 2016-08-04 19:12:23

Different55
Forum Admin
Joined: 2015-02-07
Posts: 16,575

Re: \'

HG wrote:

Please. You never escape on HTML with \. You use &#39 for ' and &quot for ".

No but you escape MySQL with \ which is what's going on here.

"Sometimes failing a leap of faith is better than inching forward"
- ShinsukeIto

Offline

#6 2016-08-04 19:18:26

drunkbnu
Formerly HG
Joined: 2017-08-16
Posts: 2,306

Re: \'

Different55 wrote:
HG wrote:

Please. You never escape on HTML with \. You use &#39 for ' and &quot for ".

No but you escape MySQL with \ which is what's going on here.

Then escape the ' using the Unicode value, u0027. Then u0022 for ". I don't know how to escape Unicode on MySQL, but I guess you could use \x22 or \0x22. It's how it works on the Lua scripting language.

Offline

#7 2016-08-04 19:21:13

Kaslai
Official Caroler
From: SEAͩT̓͑TLͯͥͧͪ̽ͧE͑̚
Joined: 2015-02-17
Posts: 787

Re: \'

HG wrote:
Different55 wrote:
HG wrote:

Please. You never escape on HTML with \. You use &#39 for ' and &quot for ".

No but you escape MySQL with \ which is what's going on here.

Then escape the ' using the Unicode value, u0027. Then u0022 for ". I don't know how to escape Unicode on MySQL, but I guess you could use \x22 or \0x22. It's how it works on the Lua scripting language.

It's clear that you don't know how PHP+MySQL works... You should probably just stop talking.

If only there was a technique that allowed you to prepare SQL queries in such a way that you can issue a query without any need to escape the inputs...

Offline

#8 2016-08-04 19:31:50

Different55
Forum Admin
Joined: 2015-02-07
Posts: 16,575

Re: \'

Fixed, locked. The rep system escaped things with PHP's addslashes() function, and then fed it through the mysqli_real_escape_string(). So first addslashes escaped quotes with \s, then mysql's escape came along and re-escaped those, and also escaped the backslashes.

"Sometimes failing a leap of faith is better than inching forward"
- ShinsukeIto

Offline

Wooted by:

BuzzerBee

Different551470335510616382

Pages: 1

Topic closed

Board footer

Powered by FluxBB

[ Started around 1738446280.7328 - Generated in 0.040 seconds, 12 queries executed - Memory usage: 1.43 MiB (Peak: 1.53 MiB) ]