Jump to content

backslashes before single quotes


skaterdav85

Recommended Posts

I'm using prepared statements to insert data into a table. If the data contains a single quote, a backslash is put before it to escape it. However, when i display that data on the page, there is always a backslash before a single quote. What is the best way to remove these when displaying the data on the page?

Link to comment
Share on other sites

I'm using prepared statements to insert data into a table. If the data contains a single quote, a backslash is put before it to escape it. However, when i display that data on the page, there is always a backslash before a single quote. What is the best way to remove these when displaying the data on the page?
$data = stripslashes($data);
Link to comment
Share on other sites

ok that works. It seems like there should be a more automated method to solving this though, since I'm assuming almost everyone would want to display data from their db without escape characters. Does php offer something in prepared statements so that you dont have to use stripslashes() on all of your bound results? Or is there something you can do in the php.ini file?

Link to comment
Share on other sites

Prepared statements don't "atuomatically" put quotes in front of single quotes. If YOU do that (say, with addslashes()), then using stripslashes() is the only way to reverse the effect.Try to var_dump() your $_GET, $_POST or whatever data, and see if THAT contains a backslash in front of single quotes. If it does, then you have magic quotes enabled. You need to disable them from php.ini (call your host if you can't edit php.ini yourself), or "manually" call stripslashes() before you insert data into the DB.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...