Home/ Questions/Q 8095199
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-05T21:02:38+00:00

i’m in a strange situation, in my server when i insert string to DB

  • 0

i’m in a strange situation, in my server when i insert string to DB with mysql_real_escape_string then i print it, everything is ok and looks like mysql make an auto stripslashes! for example i save tes't then print it: tes't but in my localhost with php 4.2 installed i give tes\'t with same code. whats mystery of mysql?? like to know how must insert and select data to db safe and clean, once forever! because it makes me really confuse!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You likely have magic quotes turned on. Rather than trying to work around this, you should just turn it off. If you don’t have access to the server, you should still deal with it in a global manner. For example:

    if ( ( function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() ) || ini_get('magic_quotes_sybase') ) {
    foreach ( $_POST as $k => $v ) { $_POST[$k] = stripslashes($v); }
    foreach ( $_GET as $k => $v ) { $_GET[$k] = stripslashes($v); }
    foreach ( $_COOKIE as $k => $v ) { $_COOKIE[$k] = stripslashes($v); }
}

    Putting that at the beginning of your code makes sure magic quotes is dealt with on every occassion, meaning you won’t have to keep track of where you have to deal with magic quotes.

    More information in the notes here: http://www.php.net/manual/en/function.get-magic-quotes-gpc.php

    • 0