[TYPO3-english] Re: how to: properly escape strings in 4.5.30?

Calgacus map Brude calgach at gmail.com
Thu Nov 21 23:09:54 CET 2013

-- When using one of the
-- INSERTquery or UPDATEquery, unless you specify otherwise the query itself
-- will escape values, so you don't have to do anything.

I tried that 
$cleanedValues[$field] = strip_tags($value);  removing the call to quoteStr 
but the value that gets stored in the database does not have any backslashes escaping , for example, the single quotes.  So it gets inserted raw without any escaping that I can see.  

Thanks for responding !

More information about the TYPO3-english mailing list