Page 1 of 1
apostrophe database problem
Posted: Sat Jun 05, 2004 7:04 pm
by speedamp
hello,
my question is about returning values with special characters from the database. Apostrophe's have caused me the most problems.
When a use enters "O'Reilly" as a last name, it is returned FROM the database as "O\\\\\\\\\Reilly"
Should I use the stripslashes command, or should i strip the special characters when the user enters them into the database?
How could i just remove them all from the form before entering the db?
-Michael
Posted: Sat Jun 05, 2004 8:36 pm
by markl999
Looks like your server is using magic quotes which are evil.
Basically magic_quotes is auto adding quotes for you. So either disable magic_quotes and use addslashes/stripslashes.
If you don't have access to the php.ini (a shared host) then you can put php_value magic_quotes_gpc 0 in a .htaccess file to turn them off.
Posted: Sat Jun 05, 2004 9:07 pm
by launchcode
And if you don't have access to .htaccess files (i.e. your host uses Windows servers) you can do it from within PHP itself at the start of your scripts:
Posted: Sun Jun 06, 2004 12:32 am
by pickle
It's usually best to add the slashes before you put it in the DB, and after you take it out, I use
[php_man]mysql_escape_string[/php_man] and [php_man]stripslashes[/php_man] personally.
Posted: Sun Jun 06, 2004 8:33 am
by launchcode
Yeah, escape_string is a better way to do it - although to be honest it does the exact same thing as addslashes, that's only at the moment and could be open to change (although unlikely!). Pickle - if you don't add slashes
before you add to the DB, when else could you do it?!

any other time is a bit late, surely?

Posted: Mon Jun 07, 2004 9:54 am
by pickle
I've noticed on occasion ( and it may be just me ), that if I don't manually add slashes, they are added anyway, but in ways that can't be predicted. When I add them myself, I don't have that problem. Again, it may just be my coding.