/    Sign up×
Community /Pin to ProfileBookmark

Automated stripslashes() before entering database…?

Copy linkTweet thisAlerts:
Mar 06.2005

I’m using a mysql database.

A little example script:

[code=php]
$string = addslashes(“Let’s do it!”);
echo $string;

mysql_query(“INSERT INTO table(field) VALUES(‘” . $string . “‘)”);
[/code]

The echo() outputs “Let‘s do it!” (With slash, obviously). When I look in the database, the slash is gone though. It just says “Let’s do it!”. If I do the addslashes twice, like this:

[code=php]
$string = addslashes(addslashes(“Let’s do it!”));
[/code]

Then the value in the database is “Let‘s do it!”, so, with a slash.

I’m getting the idea there is some automated stripslashes() before the data enters the database. Do I just need to add the slashes twice or am I doing something wrong or something?

to post a comment
PHP

2 Comments(s)

Copy linkTweet thisAlerts:
@Stephen_PhilbinMar 06.2005 — The database removes them at data entry because it is the database that uses the slashes. The database is the reason the data has the slashes added to it. If you didn't add the escaping slashes, then there's a pretty good chance the database would take an apostrophe as the and of a string of data and then try using the rest of the string as the remainder of the query.

Naturally the slashes are not required if you are echoing straight to the page and so naturally the slashes get mistaken for character data and get displayed. The remedy is an easy one though. ?

Just run strip slashes on anything that's getting given to something that doesn't require escaping (echoing directly to the page being the most obvious one) and just leave it as it is when running it through a process such as adding it to the database.
Copy linkTweet thisAlerts:
@ShrineDesignsMar 06.2005 — [code=php]<?php
$str = "Let's do it!";

if(!get_magic_quotes_gpc())
{
$str = addslashes($str);
}
echo $str;
?>[/code]
×

Success!

Help @SanderK spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.28,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...