I wrote a small php front end to a mysql database. Users write into <input type="text"..../> or <input type="textarea".../> It all gets stored into the data base, and can be recalled later in various formats.
When I first created it, there was a bug. If someone used an apostrophe (Bob's mail, e.g.) then the mysql_query() string would be malformed, and nothing would be updated. I fixed this with str_replace(), and escaped any apostrophe's.
This worked well for 3 years, until I upgraded the server to apache 2, php5 and mysql 5. It updates fine, but wherever I have an apostrophe and save, it keeps the "slash" when I recall it (Bob\'s mail e.g.) If I save again, I get 2 slashes (Bob\\'s mail )
I'm trying to figure out if I should rewrite the code and eliminate the str_replace, or modify apache's config file, the php.ini file, or something in MySQL.
Any advice or explanation would be very helpful.
--Dave
String oddity
Moderator: General Moderators
Re: String oddity
It's being escaped twice. I'd guess magic quotes are switched on on the new server.
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- Contact:
Re: String oddity
Replace all your str_replace() gargan with mysql_real_escape_string(). This function should always be used on all input to prevent errors and SQL injection.
Re: String oddity
OK, I think I have enough to figure it out now!
I have a little reading to do, but at least now I know what to read. Thank for the help.
--Dave
I have a little reading to do, but at least now I know what to read. Thank for the help.
--Dave