Hi all.
I'm trying to pass some params through a URL, and some have to be single-quoted for SQL. I find that even if I URL-encode the quotes, PHP converts them to \'
Why, and is there a workaround other than post-processing every incoming parameter to replace the \' with '
Thanks!
Why is PHP escaping already-escaped single quotes?
Moderator: General Moderators
-
Stokestack
- Forum Newbie
- Posts: 14
- Joined: Thu Sep 16, 2010 2:37 am
Re: Why is PHP escaping already-escaped single quotes?
It's likely your PHP interpreter misconfigured (magic_quotes_gpc turned on). Check your phpinfo() output and turn it off if it's on.
Re: Why is PHP escaping already-escaped single quotes?
You can solve your problem by using stripslashes(), for more information follow this link: http://php.net/manual/en/function.stripslashes.php
-
Stokestack
- Forum Newbie
- Posts: 14
- Joined: Thu Sep 16, 2010 2:37 am
Re: Why is PHP escaping already-escaped single quotes?
Thanks for the replies, guys.
Re: Why is PHP escaping already-escaped single quotes?
Don't use stripslashes, turn magic_quotes_gpc off
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
-
Stokestack
- Forum Newbie
- Posts: 14
- Joined: Thu Sep 16, 2010 2:37 am
Re: Why is PHP escaping already-escaped single quotes?
magic_quotes of all kinds were already off, so I guess the original question remains: Why did PHP add the slashes to begin with?
Re: Why is PHP escaping already-escaped single quotes?
Show us your code.
If you're escaping a query with an escaping function and then printing it, that would be why you see the quotes.
I still think magic_quotes_gpc is on
Let's see your code!
If you're escaping a query with an escaping function and then printing it, that would be why you see the quotes.
I still think magic_quotes_gpc is on
Let's see your code!
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
-
Stokestack
- Forum Newbie
- Posts: 14
- Joined: Thu Sep 16, 2010 2:37 am
Re: Why is PHP escaping already-escaped single quotes?
Thanks. I've already starting switching over to prepared statements and mysqli, so the code has now changed and this is most likely moot. If it comes up again, I'll post the relevant code.