How do I get rid of backslashes in form data?

jamiekravitz

Weird problem: I'm building a site that uses various forms to submit data to a MySQL database.

In some cases it works just fine, but in others all the apostrophes and quotation marks get preceded by a backslash () which end up in the record entered in the database. When a record with a backslash-apostrophe is further modified it adds more backslashes to reproduce the first backslash.

I've looked at the forms that work and those that don't and can't figure out what the difference is -- is it enctype? does it matter if data is posted POST or GET? does it matter where in the page that processes the data the processing code is?

Merve

[man]stripslashes/man

However, when inserting data into a database, you want to keep the slashes, and remove them only when retrieving or manipulating the data.

dewen

the auto added backslash is from the php engine. You can get rid of it by change the php.ini

magic_quotes_gpc = On

magic_quotes_gpc = Off

or use ini_set to set magic_quotes_gpc off on each page

jamiekravitz

Thanks for feedback! I figured out why it was working in some cases and why not in others: i was using escapeshellcmd() on some of the inputs and not on others.

adding stripslashes prior to the other function seems to resolve the problem.