I am writing a script that will be running on some servers with strict mode on, some with it off...

On the ones with it on, apostrophes are an issue and cause a MySQL query error.

I can use addslashes to fix that, but addslashes isn't good for servers with strict mode off...

therefor, i only want to use addslashes in my query where strict mode is on,

anyone suggest a way to do this, or an alternative to make my script compatible on both servers with strict mode on, or off?

    Hi,

    Could you please post some code, your question seams vague

    And check:

    mysql_real_escape_string

      IE (any MySQL INSERT query)

      MySQL strict mode:
      It's going to cause an error on a server running with MySQL in strict mode.

      (addslashes) It\'s not going to cause an error on a server running with MySQL in strict mode.

      --

      MySQL not-strict mode:

      It's not going to cause an error on a server NOT running in strict mode, but the use of addslashes or mysql_real_escape_string will cause a slash to be saved into the database field where one is not wanted and output as it\'s

      So,
      I need to find a way to determine if the server is running in strict mode or not, and if so, use addslashes or mysql_real_escape_string... and if not, not use that function...

        Have you tried ?

        I believe it doesnt save the slash

        Are you using MySQLi extension ?

          I don't think strict mode has anything to do with it. More likely you are seeing the results of having PHP's deprecated magic_quotes_gpc turned on, causing double-escaping of inputs when you apply mysql_real_escape_string() on top of its effects. If that's the case, you want to undo the damage of magic_quotes_gpc by checking if it's turned on via [man]get_magic_quotes_gpc/man, and then applying stripslashes() if it is. Here's how I do it: http://www.charles-reace.com/blog/2010/07/13/undoing-magic-quotes/

            6 months later

            Also, I do not recomend to you use mysql with strict mode off. Here you can read why it's so important Strict Mode.
            Back to your problem I agree with NogDog, probably you have problem with magic_quotes_gpc

              6 days later

              It's completely besides the point wether strict mode is on or not, since you should never use addslashes, stripslashes or anything remotely similar to escape data which is sent to your database. You should always always use mysql_real_escape_string or preferably the mysqli_ version. This function actually deals with the specific DBMS config in question when escaping data. If it needs to \' escape single quotes, it will. If it needs to '' escape single quotes it will. It's magic! (not related to magic quotes, which is totaly non-magic).

                Write a Reply...