Re: Magic Quotes

On Fri, February 23, 2007 12:04 pm, Liz Kim wrote:
> I've got all three Magic Quote directives turned off...
> When I use sql query to grab any string from a database, it still spits out
> the \ in front of the special characters..

Here's one possible scenario:

You *USED* to have Magic Quotes GPC "on" *AND* you were using an
escape function such as addslashes or mysql_real_escape_string.

So, in essence, you "double escaped" your data, and your database has
BAD DATA in it.


To explain "double escaped"...

The whole point of this escaping business is to give the MySQL parser
valid data to read in.

Correct Escaping:
ORIGINAL DATA        ESCAPED DATA            MYSQL STORES
O'Brien              O\'Brien                O'Brien

Double Escaped:
ORIGINAL DATA        DOUBLE ESCAPED DATA     MYSQL STORES
O'Brien              O\\\'Brien              O\'Brien

Pretty much, if you ever used the function "stripslashes" you probably
had double escaped data and never realized it.

You've got a big mess on your hands, as the data stored by MySQL is
not what it should be, and you'll have to find that data, stripslashes
it once, and put it back in correctly, with just ONE escape mechanism
(mysql_real_escape_string, ideally).

About the only bright side is that calling stripslashes an "extra"
time rarely, if ever, will cause a problem.

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
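The double-escape scenario and the one-time stripslashes cleanup described in the message above, as an added example that is not part of the original post. The helper names, the simplified model of MySQL's literal parsing, and the sample rows are assumptions constructed for illustration.

```php
<?php
// Added example; the rows below are constructed sample data.

// Simplified model of how MySQL reads a quoted string literal: only the
// three sequences addslashes() produces for quotes and backslashes
// (its NUL escape is left out).
function mysql_parse_literal(string $literal): string {
    return strtr($literal, ['\\\\' => '\\', "\\'" => "'", '\\"' => '"']);
}

// A stored value "looks double escaped" if a backslash sits directly in
// front of a quote or another backslash.
function looks_double_escaped(string $stored): bool {
    return preg_match('/\\\\[\'"\\\\]/', $stored) === 1;
}

// Undo exactly one layer of escaping, and only on flagged values.
function repair(array $rows): array {
    $fixed = [];
    foreach ($rows as $id => $value) {
        if (looks_double_escaped($value)) {
            $fixed[$id] = stripslashes($value);
        }
    }
    return $fixed;
}

$original = "O'Brien";
$once  = addslashes($original);   // one escape mechanism
$twice = addslashes($once);       // magic_quotes_gpc plus a second escape

printf("escaped once:  %s -> stored as %s\n", $once, mysql_parse_literal($once));
printf("escaped twice: %s -> stored as %s\n", $twice, mysql_parse_literal($twice));

// Constructed table contents: id => name as MySQL stored it.
$rows = [1 => mysql_parse_literal($twice), 2 => 'Smith', 3 => "D'Arcy"];
foreach (repair($rows) as $id => $clean) {
    printf("row %d: %s -> %s (re-save with a single escape)\n", $id, $rows[$id], $clean);
}
```

Values that legitimately contain a backslash before a quote or another backslash (a UNC path, for instance) are flagged too, so review the list from `repair()` before writing anything back.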

