Why is PHP escaping already-escaped single quotes?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Stokestack
Forum Newbie
Posts: 14
Joined: Thu Sep 16, 2010 2:37 am

Why is PHP escaping already-escaped single quotes?

Post by Stokestack »

Hi all.

I'm trying to pass some params through a URL, and some have to be single-quoted for SQL. I find that even if I URL-encode the quotes, PHP converts them to \'

Why, and is there a workaround other than post-processing every incoming parameter to replace the \' with '

Thanks!
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Re: Why is PHP escaping already-escaped single quotes?

Post by Weirdan »

It's likely your PHP interpreter misconfigured (magic_quotes_gpc turned on). Check your phpinfo() output and turn it off if it's on.
dheeraja
Forum Commoner
Posts: 36
Joined: Tue Nov 09, 2010 11:03 pm

Re: Why is PHP escaping already-escaped single quotes?

Post by dheeraja »

You can solve your problem by using stripslashes(), for more information follow this link: http://php.net/manual/en/function.stripslashes.php
Stokestack
Forum Newbie
Posts: 14
Joined: Thu Sep 16, 2010 2:37 am

Re: Why is PHP escaping already-escaped single quotes?

Post by Stokestack »

Thanks for the replies, guys.
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Re: Why is PHP escaping already-escaped single quotes?

Post by s.dot »

Don't use stripslashes, turn magic_quotes_gpc off
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
Stokestack
Forum Newbie
Posts: 14
Joined: Thu Sep 16, 2010 2:37 am

Re: Why is PHP escaping already-escaped single quotes?

Post by Stokestack »

magic_quotes of all kinds were already off, so I guess the original question remains: Why did PHP add the slashes to begin with?
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Re: Why is PHP escaping already-escaped single quotes?

Post by s.dot »

Show us your code.
If you're escaping a query with an escaping function and then printing it, that would be why you see the quotes.
I still think magic_quotes_gpc is on
Let's see your code! :)
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
Stokestack
Forum Newbie
Posts: 14
Joined: Thu Sep 16, 2010 2:37 am

Re: Why is PHP escaping already-escaped single quotes?

Post by Stokestack »

Thanks. I've already starting switching over to prepared statements and mysqli, so the code has now changed and this is most likely moot. If it comes up again, I'll post the relevant code.
Post Reply