Can't get rid of escaped quote (solved, but...)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Solved (see bottom of message) but surely there's a better solution?


Sorry for this looong explanation, but I've been tearing my hair out with
this problem...

I use php 4.3.4 and ADOdb 4.64, developing on Win2000.

I've got magic_quotes_gpc switched off explicitly in htaccess, and I checked
phpinfo that it really is off. And magic_quotes_runtime is also off.

And I have a string fragment in a MySQL database field as

  ... click the <a href="http://www.link";>link</a> ...

I can clearly see this value in my database manager. However when I read it
from the database it unexpectedly changes to

  click the <a href=\"http://www.link\";>link</a>

even before I get it into my code - in my debugger I can see this in the
result set before my code even has a chance to screw it up. And the browser
can't handle this.

I've single-stepped through the ADOdb code and can see that the $rs fields
has the escaped quotes as soon as it executes the mysql command. I'm
confident there's nothing wrong with ADOdb - it's always worked like a
charm. The ADOdb manual mentions that mysql escapes quotes with a backslash,
but once the string is in a php variable I should be able to do with it what
I want, shouldn't I?

I have tried the following work-arounds without success (individually of
course, not all at the same time):

$string = stripslashes($string);
$string = str_replace('\\"', '"', $string);
$string = str_replace("\\", "", $string);    // should be the same as
stripslashes
$string = str_replace("\\\"", "\"", $string);
$string = str_replace("\\\"", "'", $string);
$string = str_replace("\\\"", "\'", $string);
$string = str_replace("\\\"", "", $string);  // should remove the backslash
and the quote

In every case $string behaves as though it's a "read-only" variable for the
backslashes (I tried replacing other characters and they get replaced as
expected).

According to the php manual this is exactly what stripslashes is meant for
but it's not working in this case.

I also tried
  $string = str_replace("click", '<a href="http://www.link";>', $string);
and it changed to
  <a href=\"http://www.link\";> the <a href=\"http://www.link\";>link</a>
(ie it added the slashes)

but this worked
  $string = str_replace("click", "<a href='http://www.link'>", $string);
(ie no slashes were added)
...so why doesn't work-around 5 or 6 above work?

First prize is to stop the quotes being escaped. If I can't stop the magical
appearance of the escaped quotes then str_replace('\\"' would be second
prize because I can't guarantee that the end user won't intentionally use a
backslash in the template string. stripslashes would be a poor third, and
needing to go through the string character by character would tell me I
should be coding in a different language.

So...
(1) Why are these quotes being escaped even with magic_quotes_gpc off?
(2) Why doesn't stripslashes or str_replace remove the backslashes?
(3) How do I get rid of these backslashes without killing the server?

I'm sure I'm doing something really stupid here but I just can't figure out
what it is. Hope someone has a simple answer.

TIA
Arno


OK, I tried one last thing before sending this, and IT WORKED
$string = str_replace("\"", "'", $string);
.. changed the double-quotes to single quotes and magically dropped the
backslashes.

But I'm sure the end-user will at some stage use double-quotes as part of
the text, and won't expect it to come out as single quotes. Surely there
must be a proper solution to this?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux