Solved

real_escape_string Usage

Posted on 2016-11-15
4
39 Views
Last Modified: 2016-11-15
I use   $data = $mysqli->real_escape_string($data);
But the output has /r/n

Should i store it into my database like this?
What do you suggest i should do?
0
Comment
Question by:Braveheartli
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 110

Assisted Solution

by:Ray Paseur
Ray Paseur earned 250 total points
ID: 41887632
You should store exactly what you need in the database.  If the \r\n (end-of-line characters) are meaningful, store them.  If not, you might want to use PHP trim() to remove them.
0
 
LVL 57

Accepted Solution

by:
Julian Hansen earned 250 total points
ID: 41887638
The question is - do you need the \r\n in the string. For instance if it is at the end of the string you could probably trim() it. If it is in the string - as part of the formatting then you probably don't want to remove it.

The answer to the question is dependent on how the data will be viewed.

Any modifications to the data you make should be reversible to the extent that when displayed does not alter the intended layout of the data.

There is no problem with keeping the CR LF in the string.
0
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 41887649
See also: https://www.experts-exchange.com/questions/28983112/real-escape-string-Usage.html#a41887646
The output probably has backslashes like this: \r\n.  These are end-of-line ("EOL") characters, roughly termed "carriage return" and "new line."  They probably come from a PC file or document, since Unix uses only one EOL, the \n.


You should store them if they are meaningful in the context of the data and if your application needs them.  Otherwise you can trim() them off.  It is possible to remove them from the interior of a data string, but it's a little more involved, and it's less likely that you would want to make a change in the middle of a data string.

These EOL characters interact with real_escape_string() functions because they contain backslashes that have programmatic meaning (just like escaped apostrophes).  The MySQLi engine strips backslashes automatically, with the understanding that it expects to receive escaped data, and store exact representations of the data.
0
 
LVL 1

Author Closing Comment

by:Braveheartli
ID: 41887978
Thank you
0

Featured Post

Enroll in May's Course of the Month

May’s Course of the Month is now available! Experts Exchange’s Premium Members and Team Accounts have access to a complimentary course each month as part of their membership—an extra way to increase training and boost professional development.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Developers of all skill levels should learn to use current best practices when developing websites. However many developers, new and old, fall into the trap of using deprecated features because this is what so many tutorials and books tell them to u…
Part of the Global Positioning System A geocode (https://developers.google.com/maps/documentation/geocoding/) is the major subset of a GPS coordinate (http://en.wikipedia.org/wiki/Global_Positioning_System), the other parts being the altitude and t…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question