Home/ Questions/Q 1021069
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-16T11:15:19+00:00

$str = ‘BEGIN This is a quote test. \’Single\’ END’; echo $str . \n;

  • 0
$str = 'BEGIN This is a "quote" test. \'Single\' END';
echo $str . "\n";
echo mysql_real_escape_string($str);

// Outputs:
BEGIN This is a "quote" test. 'Single' END
BEGIN This is a \"quote\" test. \'Single\' END

Running PHP 5.3.2 on CentOS. As far as I can remember, mysql_real_escape_string() will only escape single quotes to prevent sql injections. Double quotes have nothing to do with that, because " does not start or end a string literal in MySQL!

This is causing backslashes to get inserted into the data! Something I clearly do not want.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    " does start a string in MySQL. (See: Strings)

    Exception:

    If the ANSI_QUOTES SQL mode is
    enabled, string literals can be quoted
    only within single quotation marks
    because a string quoted within double
    quotation marks is interpreted as an
    identifier.

    • 0