Hiya.
I am going insane... when i try to insert data fetched from a form into a MySql-database the escaping backslashes seems to disappear.
$entryName = $comFunc->addSlashesIfNeeded($_POST["f_txt_write_name"]);
echo $entryName;
$qh->runQuery(0, $sql->insertEntry($entryName));
function insertEntry($entryN)
{
$q = "INSERT INTO tbl_entry(entry_name) ";
$q .= "VALUES('" . $entryN . "')";
return $q;
}
function runQuery($index, $query)
{
// Store the result of the query in the given index.
// The query is run by calling mysql_query() with the query and a link identifier
$this->myQueryResult[$index] = mysql_query($query);
}
The function addSlashesIfNeeded adds slashes if get_magic_quotes_gpc() == 0 (i.e. is OFF).
At echo the string is printed with appropriate backslashes, same if I echo $q, but when i view the inserted row in PHPMyAdmin there are no backslashes.
I thought that maybe magic_quotes_runtime could be the cause of it but i have tried turning it on and off and besides, magic_quotes_runtime only affects data when fetched from a databse, right?
Edit: The problem, as I see it, is that when i fetch the data i can not be sure whether there are slashes or not, hence I do not know whether to use stripslashes or not. I know the situation o my system, but i want to be able to use my script on other servers too without having to rewrite anything. /Edit
Anybody knows what the cause of this problem may be?
System: Windows XP, PHP 4.3, MySql 3.23.54-nt
Thanks.
