mySQL result coming with the bars

Navigation
2

I'm using link , and when I send something to the database, for example, if I add this HTML tag <img = src="http://link">intheeditor,andsendittothedatabase,itsaves<img==\"\" src=\"http://link\"> and that way when I select it to display in the frontend, because of the bars it does not display the image, and to send to the database I did so: / p> 

if(isset($_POST['acao']) && $_POST['acao'] == 'cadastrar'):
    $dE =    $datahj;
    $msg =   $_POST['aviso'];

    $assunto = $_POST['assunto'];

      $dados_cadastrar = array(
      'data' => $dE,
      'autor' => 'WEnder T',
      'assunto' => $msg,
      'msg' => $w,
      'tag' => '',
      'curto' => '',
      'capa' => '',
      'ads' =>  1
      );
      if($site->inserir('postagem', $dados_cadastrar)){
      echo 'ok';


      }else{
      echo 'erro';
      }

    endif;

The function of inserting PHP: 

//metodo de insert
    public function inserir($tabela, $dados) {


        $pegarCampos = array_keys($dados);
        $contarCampos = count($pegarCampos);
        $pegarValores = array_values($dados);
        $contarValores = count($pegarValores);

        $sql = "INSERT INTO $tabela (";

        if ($contarCampos == $contarValores) {
            foreach ($pegarCampos as $campo) {

                $sql .= $campo . ', ';

            }
            $sql = substr_replace($sql, ")", -2, 1);
            $sql .= "VALUES (";

            for ($i = 0; $i < $contarValores; $i++) {
                $sql .= "?, ";
                $i;
            }

            $sql = substr_replace($sql, ")", -2, 1);
        } else {
            return false;
        }

        try {
            $inserir = self::conn()->prepare($sql);
            if ($inserir->execute($pegarValores)) {
                return true;
            } else {
                return false;
            }
        } catch (PDOException $e) {
            return false;
        }
    }

How can I resolve this problem?

    
asked by anonymous 20.01.2016 / 23:03

1 answer

3

Just to leave a final answer ...

Just manipulate the string rebebida before saving it in the database, transforming \" to ' because HTML also interprets single quotation marks. The simplest way is to use the str_replace () function, thus: 

 str_replace("\\"", "'", "<img src=\"http://link\">");
 /*
     \ quebra a \ e \" quebra as apas simples, juntando os dois,
     a função irá trocar todos \" por ', poderia usar '\"' no lugar de "\\""
 */
    
20.01.2016 / 23:58
Log into separate files with SLF4J on AWS JdbcTemplate - How to commit and rollback?