Home/ Questions/Q 6809357
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-26T20:04:37+00:00

I have a problem with mysql_real_escape_string and addslashes . I have a form in

  • 0

I have a problem with mysql_real_escape_string and addslashes. I have a form in my PHP file where it is $_POST['title'], then I have:

$title = mysql_real_escape_string(addslashes($_POST['title']));

And I insert $title into my db. When I want to get this value from my db I have:

$title = stripslashes($results['title']);

Problem is when I submit something like this: abs"'@, my result is: abs\"\'@.

I don’t know where the bug is.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Don’t bother using addslashes at all, mysql_real_escape_string is more than capable of doing it on its own. So use:

    $title = mysql_real_escape_string($_POST['title']);

    And remove the stripslashes from your retrieval code. If the problem persists, you probably have one of the magic_quotes options on – if so, turn it off!

    • 0