Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
When i add something to my mysql db, i use mysql_real_escape_string(), then put it in the database.
do i need to stripslashes() when i later get it from the db with mysql_query() and mysql_fetch_array(), or does one of these functions do it for me, or is it just not necesseary?
The escape characters are never stored in the database. They go away as the SQL parser parses your query.
Your question displays a fundamental misunderstanding of how escaping works. Escape characters are only a way to tell the parser to ignore the special meaning the parser gives to a character. After the string has been parsed into a structure in memory, there is no reason to keep the escape characters.
If you’re seeing extraneous slashes, your server might be configured wrong and you might be getting bitten by a retarded PHP feature called magic quotes.