On Sat, April 8, 2006 7:49 pm, jonathan wrote: > I have a server where magic_quotes_gpc is set to On. It's my > understanding that this should add slashes to something like "Joe's" > so that it's "Joe\'s" but when I look in the db, it is in there as > Joe's. This doesn't seem like it should be the anticipated behavior. It DOES add the slashes to $_GET. But when you put the data *IN* to MySQL, MySQL "eats" the slashes -- In fact, MySQL *needs* the slashes to distinguish somethings: ' the beginning of a string \' an apostrophe embedded IN a string ' the end of a string. So, in slow-motion: HTTP sends ' PHP Magic Quotes makes it be \' MySQL sees it *INSIDE* a string like 'Joe\'s' MySQL stores this internally: Joe's > Is there another setting in either PHP or MySQL that will > subsequently strip out slashes from magic_quotes_gpc or override this > setting such that the automatic adding of slashes isn't taking place? Just turn Magic Quotes *OFF* and use mysql_real_escape_string For the love of god do *NOT* try to do *both* MagicQuotes and mysql_real_escape_string and then be happy when you've got 'Joe\'s' *inside* your database. That just means you've corrupted your data. TIP: If you find yourself calling http://php.net/stripslashes you almost-for-sure have ended up calling addslashes or some thing similar twice. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
