Page 1 of 1

apostrophe database problem

Posted: Sat Jun 05, 2004 7:04 pm
by speedamp
hello,

my question is about returning values with special characters from the database. Apostrophe's have caused me the most problems.

When a use enters "O'Reilly" as a last name, it is returned FROM the database as "O\\\\\\\\\Reilly"

Should I use the stripslashes command, or should i strip the special characters when the user enters them into the database?

How could i just remove them all from the form before entering the db?

-Michael

Posted: Sat Jun 05, 2004 8:36 pm
by markl999
Looks like your server is using magic quotes which are evil.
Basically magic_quotes is auto adding quotes for you. So either disable magic_quotes and use addslashes/stripslashes.
If you don't have access to the php.ini (a shared host) then you can put php_value magic_quotes_gpc 0 in a .htaccess file to turn them off.

Posted: Sat Jun 05, 2004 9:07 pm
by launchcode
And if you don't have access to .htaccess files (i.e. your host uses Windows servers) you can do it from within PHP itself at the start of your scripts:

Code: Select all

set_magic_quotes_runtime(0);

Posted: Sun Jun 06, 2004 12:32 am
by pickle
It's usually best to add the slashes before you put it in the DB, and after you take it out, I use
[php_man]mysql_escape_string[/php_man] and [php_man]stripslashes[/php_man] personally.

Posted: Sun Jun 06, 2004 8:33 am
by launchcode
Yeah, escape_string is a better way to do it - although to be honest it does the exact same thing as addslashes, that's only at the moment and could be open to change (although unlikely!). Pickle - if you don't add slashes before you add to the DB, when else could you do it?! :) any other time is a bit late, surely? :)

Posted: Mon Jun 07, 2004 9:54 am
by pickle
I've noticed on occasion ( and it may be just me ), that if I don't manually add slashes, they are added anyway, but in ways that can't be predicted. When I add them myself, I don't have that problem. Again, it may just be my coding.