0

I just have done test to see if my aplication can handle special charcters.

In PHP form I add data to MySQL as folow:

"test" | 'test' | " £ $ % ^ & * ( ) | 'test' "test"

data have been escaped and in MySQL looks like this:

\\\"test\\\" | \\\'test\\\' | ! \\\" £ $ % ^ & * ( ) | \\\'test\\\' \\\"test\\\"

that goes to JSON like that:

[
    "\\\\\\\"test\\\\\\\"",
    "\\\\\\\'test\\\\\\\'",
    "! \\\\\\\" £ $ % ^ & * ( )",
    "\\\\\\\'test\\\\\\\' \\\\\\\"test\\\\\\\"",
]

that can't be parset in JSON so I checked above in JSONLint.com and I get that error:

Parse error on line 2:
..."test\\\\\\\"",    "\\\\\\\'test\\\\\\\
----------------------^
Expecting 'STRING', 'NUMBER', 'NULL', 'TRUE', 'FALSE', '{', '['

I know that can be fixed but not sure where?

  1. in PHP before I send to MySQL?
  2. in MySQL query before sent to MySQL database?
  3. in PHP before goes to JSON?
4

1 回答 1

0

in PHP before I send to MySQL?

Answer is prepared statments. Use PDO or mysqli

in MySQL query before sent to MySQL database?

Answer is prepared statments. Use PDO or mysqli

in PHP before goes to JSON?

Answer is json_encode. Don't escape same data twice.

于 2012-08-26T14:10:04.690 回答