Adam Williams wrote: > In my form, I am parsing all the text inputs through > mysql_real_escape_string() before inserting the data. however, when I > look at the SQL query in PHP, when I type the word blah's to my text box > variable, and then insert it into mysql after being ran through > mysql_real_escape_string(), it does: > > insert into contract (contract_id, responsibility) VALUES (15, 'blah\\\'s') > > and when I query the in mysql/PHP it shows: > > select responsibility from contract where contract_id = 15; > +----------------+ > | responsibility | > +----------------+ > | blah\'s | > +----------------+ > 1 row in set (0.00 sec) > > and when I run that select statement in PHP it prints blah\'s on the > screen. I want it to print back blah's without the \. So what are my > options? run every variable through stripslashes(); before printing > them to the screen? >
If you have access to php.ini turn the magic_quotes_gpc off. If not, then you have to use one of examples on http://us.php.net/manual/en/function.get-magic-quotes-gpc.php -afan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
