hello,
my question is about returning values with special characters from the database. Apostrophe's have caused me the most problems.
When a use enters "O'Reilly" as a last name, it is returned FROM the database as "O\\\\\\\\\Reilly"
Should I use the stripslashes command, or should i strip the special characters when the user enters them into the database?
How could i just remove them all from the form before entering the db?
-Michael
apostrophe database problem
Moderator: General Moderators
Looks like your server is using magic quotes which are evil.
Basically magic_quotes is auto adding quotes for you. So either disable magic_quotes and use addslashes/stripslashes.
If you don't have access to the php.ini (a shared host) then you can put php_value magic_quotes_gpc 0 in a .htaccess file to turn them off.
Basically magic_quotes is auto adding quotes for you. So either disable magic_quotes and use addslashes/stripslashes.
If you don't have access to the php.ini (a shared host) then you can put php_value magic_quotes_gpc 0 in a .htaccess file to turn them off.
- launchcode
- Forum Contributor
- Posts: 401
- Joined: Tue May 11, 2004 7:32 pm
- Location: UK
- Contact:
And if you don't have access to .htaccess files (i.e. your host uses Windows servers) you can do it from within PHP itself at the start of your scripts:
Code: Select all
set_magic_quotes_runtime(0);- launchcode
- Forum Contributor
- Posts: 401
- Joined: Tue May 11, 2004 7:32 pm
- Location: UK
- Contact:
Yeah, escape_string is a better way to do it - although to be honest it does the exact same thing as addslashes, that's only at the moment and could be open to change (although unlikely!). Pickle - if you don't add slashes before you add to the DB, when else could you do it?!
any other time is a bit late, surely? 
I've noticed on occasion ( and it may be just me ), that if I don't manually add slashes, they are added anyway, but in ways that can't be predicted. When I add them myself, I don't have that problem. Again, it may just be my coding.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.