Re: Something like Server.HTMLEncode for MySQL
Recommended (though it is not the only way)...
SET NAMES utf8 -- in your application language
CHARACTER SET utf8 -- on the LONGTEXT field
The equivalent of PHP's mysql_real_escape_string -- when building the string to INSERT.
Nothing -- when SELECTing the field
The equivalent of PHP's htmlspecialchars() when echoing for display in HTML.
Do not use HTMLEncode before inserting into the db table; it is inadequate and premature.
Explanation...
* The db table contains un-escaped utf8 bytes. But you need to escape things to get them INSERTed.
* When delivering to HTML, escaping (of a different sort) is needed.
Specs...
mysql_real_escape_string() escapes (I think) three characters '"\ by preceeding them with a \.
htmlspecialchars() escapes 4 things: "&<>
htmlentities() escapes those 4 things, plus turns an acute e into "é" (etc).
Subject
Written By
Posted
Re: Something like Server.HTMLEncode for MySQL
June 24, 2012 02:03PM
Sorry, you can't reply to this topic. It has been closed.
Content reproduced on this site is the property of the respective copyright holders.
It is not reviewed in advance by Oracle and does not necessarily represent the opinion
of Oracle or any other party.