Home Accessibility Courses Twitter The Mouth Facebook Resources Site Map About Us Contact
 
For 2021 - online Python 3 training - see ((here)).

Our plans were to retire in summer 2020 and see the world, but Coronavirus has lead us into a lot of lockdown programming in Python 3 and PHP 7.
We can now offer tailored online training - small groups, real tutors - works really well for groups of 4 to 14 delegates. Anywhere in the world; course language English.

Please ask about private 'maintenance' training for Python 2, Tcl, Perl, PHP, Lua, etc.
addslashes v mysql_real_escape_string in PHP

One of the most popular pages on our website is the one that shows you how to upload an image and store it in a database. And the associated demonstration showing you how to view images via a PHP script from a MySQL database is very popular too.

An image may contain and ASCII characters at all ... so you can't just take the image data that you uploaded and put it into the MySQL INSERT statement - special characters such as NULL, and the double quote character, will cause problems - at best like the illustration you see accompanying this posting, and at worst you would leave yourself vulnerable to an injection attack.

PHP provides a number of routines to allow you to add in extra characters to the uploaded image to protect the special characters from the database handler and ensure the data does truly get inserted into the database.

addslashes use to work very nicely before the days of different character encoding - but it can't cope with that encoding in more recent MySQL versions and should no longer be used ...

mysql_escape_string adds in appropriate slashes but it doesn't take care of the current encoding type if it's none-default; this function was deprecated at PHP 4.3.0 and replace by the one you should use ...

mysql_real_escape_string which adds in the appropriate protection taking into proper account the current encoding.

If you're using the mysqli functions rather than the mysql ones, you should use mysqli_real_escape_string which is just an alias to mysql_real_escape_string

(written 2008-07-27, updated 2008-07-30)

 
Associated topics are indexed as below, or enter http://melksh.am/nnnn for individual articles
S158 - GUI tools for MySQL
  [572] Giving the researcher power over database analysis - (2006-01-22)

H309 - PHP - Maps, Graphics and Geographics
  [320] Ordnance Survey - using a 'Get a map' - (2005-05-22)
  [563] Merging pictures using PHP and GD - (2006-01-13)
  [665] PHP Image viewing application - (2006-04-01)
  [937] Display an image from a MySQL database in a web page via PHP - (2006-11-22)
  [1104] Drawing dynamic graphs in PHP - (2007-03-09)
  [1194] Drawing hands on a clock face - PHP - (2007-05-19)
  [1389] Controlling and labelling Google maps via PHP - (2007-10-13)
  [1390] Converting from postal address to latitude / longitude - (2007-10-13)
  [1391] Ordnance Survey Grid Reference to Latitude / Longitude - (2007-10-14)
  [1628] Gant charts - drawing them with a PHP script - (2008-05-03)
  [1734] All around the world? - (2008-08-03)
  [1752] Dynamic maps / geographics in PHP - (2008-08-13)
  [1756] Ever had One of THOSE mornings? - (2008-08-16)
  [1923] Making it all worthwhile - (2008-12-04)
  [1956] Images for Christmas - (2008-12-21)
  [2343] World Flags in your PHP pages - (2009-08-10)
  [2361] Geocoding - converting address to latitude / Longitude with PHP via Google - (2009-08-14)
  [2390] Dynamic / changing images on your web page - (2009-09-01)
  [2583] Reducing image size on digital photos - PHP - (2010-01-17)
  [2675] Redirecting to your main domain for correct security keys - (2010-03-13)
  [2729] Uploading a document or image to its own URL via a browser - (2010-04-18)
  [2939] Protecting your images from use out of context - (2010-08-29)
  [3027] Server logs - drawing a graph of gathered data - (2010-11-03)
  [3133] An image from a website that occasionally comes out as hyroglyphics - (2011-01-14)
  [3197] Finding and diverting image requests from rogue domains - (2011-03-08)
  [3211] Computer Graphics in PHP - World (incoming data) to Pixel (screen) conversion - (2011-03-24)
  [3447] Needle in a haystack - finding the web server overload - (2011-09-18)
  [3536] UK Mapping Data - and more to come - under government Open Data measures - (2011-12-03)
  [3584] QR codes - graphics images that provide quick phone links - (2012-01-18)
  [3734] QR codes with marketing logos embedded - (2012-05-16)
  [3817] Fpdf - generating .pdf documents easily from your PHP program - (2012-07-24)
  [4178] Where are you? How to write a geosensitive application - (2013-09-18)
  [4365] The changing face of Christmas - (2014-12-26)
  [4437] Adding a PHP build option, rotating an image based on camera data, and a new look at thumbnails in PHP - (2015-02-22)
  [4655] Image indexer / thumbnail display scripts in PHP - (2016-02-25)


Back to
Bath - Melksham - Devizes. Bus route changes, new timetable
Previous and next
or
Horse's mouth home
Forward to
A future vision for Melksham
Some other Articles
A short Perl example
Equality and looks like tests - Perl
Hot Courses - Perl
A future vision for Melksham
addslashes v mysql_real_escape_string in PHP
Bath - Melksham - Devizes. Bus route changes, new timetable
PHP examples - source code and try it out too
Perl 6 - When will we have a production release?
Some Ruby lesser used functions
A special day - last Friday in July
4759 posts, page by page
Link to page ... 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96 at 50 posts per page


This is a page archived from The Horse's Mouth at http://www.wellho.net/horse/ - the diary and writings of Graham Ellis. Every attempt was made to provide current information at the time the page was written, but things do move forward in our business - new software releases, price changes, new techniques. Please check back via our main site for current courses, prices, versions, etc - any mention of a price in "The Horse's Mouth" cannot be taken as an offer to supply at that price.

Link to Ezine home page (for reading).
Link to Blogging home page (to add comments).

You can Add a comment or ranking to this page

© WELL HOUSE CONSULTANTS LTD., 2021: 48 Spa Road • Melksham, Wiltshire • United Kingdom • SN12 7NY
PH: 01144 1225 708225 • EMAIL: info@wellho.net • WEB: http://www.wellho.net • SKYPE: wellho

PAGE: http://www.wellho.net/mouth/1724_add ... n-PHP.html • PAGE BUILT: Sun Oct 11 16:07:41 2020 • BUILD SYSTEM: JelliaJamb