What's better to use trim() or striplashes() when saving to db table

What’s better to use trim() or striplashes() when saving to db table? For example the majority of my data that’s being put into table is from forms. I generally use trim() (based on what I was taught in school), but the person who made most of the forms previous to me used striplashes(). I’m just curious as what is better use?

None of the above. Use prepared statements.

The right answer is actually neither - trim is for removing characters from the beginning and end of a string, and stripslashes removes the backslashes from a string. Stripslashes has a counterpart called addslashes that can be used to escape quotes and other characters that would cause a problem with an SQL query.

The recommended way to deal with this is to use prepared statements (available when using the mysqli or PDO extensions), which avoids problems with unescaped characters and protects you against SQL injection attacks when inserting user input into the DB.

That being said, you may also want to use functions like trim() to sanitize your data before inserting it into your DB.

Thanks. Appreciate the insight

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.