![]() |
vbulletin input clean classes
Hi,
I am trying to make a vbulletin powered custom page which is a html form. The user fills the form and the data is entered into the database. I use the database classes of vBulletin to connect to the database and insert values. My problem is that i use a insert statement as $var1 = $_REQUEST["var1"]; INSERT INTO TABLE VALUES (1, '$var1'); Now, if $var1 already contains a single quotes, i get an database error on submitting the form. Is there some class of vBulletin that i can use to insert the data into the database so that the database stores ' as well. Also, is there a easy way to prevent SQL injection? Thanks |
I figured how to escape the single quotes error. I used the following code
Code:
$vbulletin->input->clean_array_gpc('p', array( I hope my question is clear. Please help me |
Pls help!!
|
Use the function
nl2br() after it is retrieved from the database. |
All times are GMT. The time now is 10:04 AM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
![]() |
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|