Page 1 of 1

Data pulled from SQL showing up with \ before quotations.

Posted: Fri May 23, 2008 10:48 pm
by davidshq
So, I have this nifty new in-line AJAX/PHP editor which allows me to edit "stories" on my site without moving between multiple pages. Everything works great - except for one small detail. If the story contains quotations (e.g. " or ') the text appears as \'. For example, "The problem with web crime is \"who cares?\" It doesn\'t matter if we\'re talking about identity theft or credit card fraud, if it\'s done to you,". Any thoughts?
David.

Re: Data pulled from SQL showing up with \ before quotations.

Posted: Fri May 23, 2008 11:32 pm
by whiterabbit
That is probably because gpc magic quotes is on. This is a setting that automatically escapes (adds in the \ before certain characters) strings before they are entered into your database. Before you enter the data into the database, you probably want to do a stripslashes() on the data, or you could do it on the display side.

You could also turn off gpc magic quotes in your php.ini file. You should always make sure you do a mysql_real_escape_string($string) when you are entering anything into the database to make sure you protect against SQL injection.

Hope this helps.