Results 1 to 6 of 6
Thread: PHP str_replace not working?
Feb 18, 2013, 14:26 #1
- Join Date
- Dec 2007
- 0 Post(s)
- 0 Thread(s)
PHP str_replace not working?
I have a form on my website that allows a person to insert information. I'm trying to prevent from a mysql attack so I decided to try and fix that by not allowing apostrophe's into my mysql database. I'm using the str_replace function.
When visitor enters information this is the path the variable takes before entering into my database but for some reason apostrophe's are being accepted into my database and I don't know why. Any help would be appreciated.
$dealership = $_POST['dealership'];
$dealership = mysql_real_escape_string($dealership);
$dealership = stripslashes($dealership);
$dealership = capitalize($dealership); (my own function)
$dealership = trim($dealership);
$dealership = eregi_replace(",", "", $dealership);
$dealership = str_replace("'", "", $dealership);