Normally you shouldn't have to strip slashes on data coming out of the database. I think you'd be better off finding out why the data is being escaped twice than trying to undo something that shouldn't have been done in the first place (double-escaping).
Does the problem exist with code-created data, too, such as in my example? -- Hector On Wed, Feb 24, 2010 at 6:08 PM, Keyne <[email protected]> wrote: > > I don't need to use addslashes, just stripslashes in my view. > > public function insert($data) > { > $data = array( > 'nome' => $data['nome'], > 'email' => $data['email'], > 'sobre' => $data['sobre'] > ); > > return parent::insert($data); > } > > But, there is a way to turn this task (stripslashes) automatic? > > > > Hector Virgen wrote: > > > > How are you inserting that into the database? Here's one way to do it > that > > should work: > > > > $id = $db->insert('mytable', array( > > 'theString' => "I'm both entrepeneaur and..." > > )); > > > > Note that this method automatically builds the SQL and escapes the values > > for me -- no need to use addslashes() or mysql_real_escape_string(). > > > > Also, have you verified that magic quotes is off? You can run this code > to > > check: > > > > Zend_Debug::dump(get_magic_quotes_gpc()); > > > > -- > > Hector > > > > > > On Wed, Feb 24, 2010 at 5:34 PM, Keyne <[email protected]> wrote: > > > >> > >> I have the same issue. Magic quotes is off. > >> > >> My result looks like: "I\'m both entrepreneur and..." > >> The database row looks like this too: "I\'m both entrepreneur and..." > >> > >> And to get the data I use $this->fetchAll()->toArray(); > >> > >> Then I need to use stripslashes. > >> > >> What I need to do to avoid this? > >> > >> > >> Mark Steudel wrote: > >> > > >> > Have you looked to see if magic_quotes are on? > >> > > >> > On Wed, Feb 24, 2010 at 1:03 PM, Jurian Sluiman > >> > <[email protected]> wrote: > >> >> On Sunday 21 Feb 2010 21:43:04 troels knak-nielsen wrote: > >> >>> If that's the case, then you have double escaping going on. The data > >> >>> should not contain the slash once it's in the database. The point of > >> >>> adding the slash is to "protect" the data when it's embedded in *the > >> >>> query*. That is also why you don't have to (and indeed should not) > >> >>> unescape anything when reading from the database. The slashes are > >> >>> *only* there because you're embedding data in a query. > >> >>> > >> >>> Compare this with a string literal in php. Given the following: > >> >>> > >> >>> echo "A \"double\" quote"; > >> >>> > >> >>> Running this php code will output: > >> >>> > >> >>> A "double" quote > >> >>> > >> >>> That's because the *data* doesn't contain any slashes. The slashes > >> are > >> >>> there so that the php parser can read the literal string. Once they > >> >>> have been read into memory, the slashes are gone. Same thing with > >> sql. > >> >> > >> >> (sorry for my late reaction) > >> >> > >> >> So actually it isn't the data *retrieval* but rather the *insertion* > >> if > >> I > >> >> understand you right? The things I do are 99% from the manual: > >> >> > >> >> * Database initialized by application resource (db params: host, > >> >> username, > >> >> passwd, db name, isDefault = true) > >> >> * Data into model (My_Model_Name) and saves it into mapper > >> >> (My_Model_NameMapper). > >> >> * Mapper has DbTable obj, My_Model_DbTable_Name and extends > >> >> Zend_Db_Table_Abstract > >> >> * Data is saved through Zend_Db_Table_Abstract::insert() or > >> >> Zend_Db_Table_Abstract::update() methods > >> >> > >> >> After calling the method the strings are in the database like I said > >> (so > >> >> _with_ quotes). What's are the things I can look after (php settings, > >> >> mysql > >> >> settings, system settings) to solve this problem? > >> >> > >> >> Thanks in advance, > >> >> Jurian > >> >> -- > >> >> Jurian Sluiman > >> >> CTO Soflomo V.O.F. > >> >> http://soflomo.com > >> >> > >> > > >> > > >> > > >> > -- > >> > > >> > ----------------------------------------- > >> > Mark Steudel > >> > P: 206.375.7244 > >> > [email protected] > >> > > >> > . : Work : . > >> > http://www.mindfulinteractive.com > >> > > >> > . : Play : . > >> > http://www.steudel.org/blog > >> > > >> > > >> > >> -- > >> View this message in context: > >> > http://n4.nabble.com/Escape-stripslashes-and-html-entities-tp1562340p1568393.html > >> Sent from the Zend Framework mailing list archive at Nabble.com. > >> > > > > > > -- > View this message in context: > http://n4.nabble.com/Escape-stripslashes-and-html-entities-tp1562340p1568423.html > Sent from the Zend Framework mailing list archive at Nabble.com. >
