On 1/3/08, Adam Williams <awilliam@xxxxxxxxxxxxxxxx> wrote: > > In my form, I am parsing all the text inputs through > mysql_real_escape_string() before inserting the data. however, when I > look at the SQL query in PHP, when I type the word blah's to my text box > variable, and then insert it into mysql after being ran through > mysql_real_escape_string(), it does: > > insert into contract (contract_id, responsibility) VALUES (15, > 'blah\\\'s') > > and when I query the in mysql/PHP it shows: > > select responsibility from contract where contract_id = 15; > +----------------+ > | responsibility | > +----------------+ > | blah\'s | > +----------------+ > 1 row in set (0.00 sec) > > and when I run that select statement in PHP it prints blah\'s on the > screen. I want it to print back blah's without the \. So what are my > options? run every variable through stripslashes(); before printing > them to the screen? > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > Andy, The magic quotes directive is likely set to "on" in php.ini. Set it to 0 (zero) or 'Off'. David
