That is incorrect. There *IS* a setting for another magic_quotes_runtime, which will do addslashes to all data coming FROM the database. That's a particularly silly setting UNLESS your entire application consists of taking date out of one database and shoving it into another database -- which is extremely rare. But, if you *DID* have such an application, and if you *DID* have magic_quotes_runtime turned on, and if you *DID* want to echo something out to see what it was, you'd want to use stripslashes, because magic_quotes_runtime has added slashes to your data on its way OUT of the database. Bottom line: First thing you do is drown all the laywers. SECOND thing you do is turn magic_quotes_gpc *OFF*! And most certainly magic_quotes_runtime should be OFF, as it's just plain silly, really, to ever have it on. On Sat, April 8, 2006 10:03 pm, jonathan wrote: > that makes more sense but in that situation, I wouldn't need to > stripslashes but most tutorials tell you that you need to > stripslashes when echoing the row? it seems like that would be > incorrect. > > On Apr 8, 2006, at 7:57 PM, Richard Lynch wrote: > >> On Sat, April 8, 2006 7:49 pm, jonathan wrote: >>> I have a server where magic_quotes_gpc is set to On. It's my >>> understanding that this should add slashes to something like >>> "Joe's" >>> so that it's "Joe\'s" but when I look in the db, it is in there as >>> Joe's. This doesn't seem like it should be the anticipated >>> behavior. >> >> It DOES add the slashes to $_GET. >> >> But when you put the data *IN* to MySQL, MySQL "eats" the slashes -- >> In fact, MySQL *needs* the slashes to distinguish somethings: >> ' the beginning of a string >> \' an apostrophe embedded IN a string >> ' the end of a string. >> >> So, in slow-motion: >> >> HTTP sends ' >> PHP Magic Quotes makes it be \' >> MySQL sees it *INSIDE* a string like 'Joe\'s' >> MySQL stores this internally: Joe's >> >>> Is there another setting in either PHP or MySQL that will >>> subsequently strip out slashes from magic_quotes_gpc or override >>> this >>> setting such that the automatic adding of slashes isn't taking >>> place? >> >> Just turn Magic Quotes *OFF* and use mysql_real_escape_string >> >> For the love of god do *NOT* try to do *both* MagicQuotes and >> mysql_real_escape_string and then be happy when you've got 'Joe\'s' >> *inside* your database. >> >> That just means you've corrupted your data. >> >> TIP: >> If you find yourself calling http://php.net/stripslashes you >> almost-for-sure have ended up calling addslashes or some thing >> similar >> twice. >> >> -- >> Like Music? >> http://l-i-e.com/artists.htm >> >> -- >> PHP General Mailing List (http://www.php.net/) >> To unsubscribe, visit: http://www.php.net/unsub.php >> >> >> > > -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
