Mysql_real_escape_string stores data in the database along with backslashes
When I use mysql_real_escape_string on my immutable strings, the data in the database is stored with backslashes that shouldn't be executed.
I have magic_quotes_gpc OFF, not sure why this is happening. Any idea?
Is there any parameter in the mysql database that needs to be changed.
I am not using addlashes anywhere in the code. PHP language.
Please, help.
There are several variants of magic_quotes, all of which are very invasive and cannot be overridden. I think it is unlikely that this additional speedup is done by the DBMS.
You checked what the data looks like before using mysql_real_escape_string () - I'd bet it escaped somehow already.
FROM.
The answer is simple. There are no settings in the mysql database that need to be changed. This is your code / settings.
Either you have magic_quotes_gpc
it and needs to double check, or some of your codes does another shortcut.
stripslashes () is when the PHP directive magic_quotes_gpc is on (it's the default) and you're not pushing that data into a location (such as a database) that needs escaping. For example, if you are just outputting data directly from an HTML form.
<?php
$str = "Is your name O\'reilly?";
// Outputs: Is your name O'reilly?
echo stripslashes($str);
?>
Let us know when you are using stripslashes, what your login leads to. It falls into the required format. This is to check if there is something wrong with your input.
Since you said that without mysql_real_escape_string applied, your data is saved without any black styles ... and after applying them you get blackslash ... I personally feel double checking your code if you apply any applications where.
Some questions...
- This only happens in this current function.
- Check if magic_quotes_gpc is on or off.
- Can you post the part of this function that is causing this problem.