[TYPO3-english] Re: how to: properly escape strings in 4.5.30?
Calgacus map Brude
calgach at gmail.com
Thu Nov 21 23:09:54 CET 2013
-- When using one of the
-- INSERTquery or UPDATEquery, unless you specify otherwise the query itself
-- will escape values, so you don't have to do anything.
I tried that
$cleanedValues[$field] = strip_tags($value); removing the call to quoteStr
but the value that gets stored in the database does not have any backslashes escaping , for example, the single quotes. So it gets inserted raw without any escaping that I can see.
Thanks for responding !
More information about the TYPO3-english
mailing list