I'm trying to escape the string bellow (Text + Youtube HTML IFrame): HTML Form to Database
$maq = TEXT TEXT TEXT TEXT TEXT TEXT TEXT TEXT +
<iframe width="300" height="265" src="//www.youtube.com/embed/0Ek2ayXgniw" frameborder="0" allowfullscreen></iframe>
To Update a MySQL Table:
$sql = "UPDATE maquinas SET
maq = $maq,
WHERE id = $id";
require 'connect.inc';
$sql_result = mysql_query ($sql,$connection) or die ();
I tried these following PHP functions before MySQL Update:
htmlentities($maq);
addslashes($maq);
htmlspecialchars();
mysql_real_escape_string($maq) **this before $sql_result**
None escaped HTML.
How can I do it ?