Home/ Questions/Q 6915675
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T09:30:18+00:00

In PHP, I am escaping characters before insert in a MySQL database using mysql_real_escape_string

  • 0

In PHP, I am escaping characters before insert in a MySQL database using mysql_real_escape_string

$array_to_insert = array_map('mysql_real_escape_string', $my_arr);
$mysql->setTbl("mytable");
$id = $mysql->insertArray($array_to_insert);

When saving, double quotes are being saved as escaped with a \. I do not want this, since some of the data is HTML and it may contain tags like <a href="www.stackoverflow.com"> etc, which will be saved as <a href=\"www.stackoverflow.com\"> and then displayed incorrectly in a WordPress setup.

I have read elsewhere on stackoverflow that to avoid escaping the double quotes, one must first insert (as above) then select and insert into a table again.

Is there a way to solve this issue without having to select and re-insert?

Thanks
(note: the database I am using is in utf-8 format)

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You could always strip slashes on the way out using http://php.net/manual/en/function.stripslashes.php

    for instance:

    $sql = "SELECT * FROM table_name";
$result = mysql_query($sql) or mysql_error();
while ($output = mysql_fetch_assoc($result)) {
  echo stripslashes($output['column_name']);
}

    alternatively, just remove all escaped double quotes:

    echo str_replace('\"', '"', $output['column_name']);
    • 0