On Sat, Feb 20, 2010 at 9:51 AM, Jurian Sluiman
<[email protected]> wrote:
> Enter this data:
>> Hello my name is Jurian. I'm a Zend Framework user
>
> This means my data is stored into the database like this (checked with
> phpmyadmin:
>> Hello my name is Jurian. I\'m a Zend Framework user
If that's the case, then you have double escaping going on. The data
should not contain the slash once it's in the database. The point of
adding the slash is to "protect" the data when it's embedded in *the
query*. That is also why you don't have to (and indeed should not)
unescape anything when reading from the database. The slashes are
*only* there because you're embedding data in a query.
Compare this with a string literal in php. Given the following:
echo "A \"double\" quote";
Running this php code will output:
A "double" quote
That's because the *data* doesn't contain any slashes. The slashes are
there so that the php parser can read the literal string. Once they
have been read into memory, the slashes are gone. Same thing with sql.
--
troels
