Problem 1 data going in securely:
I am having a serious problem with quotes, postgresql and php. I have a database that needs to store XML tags inside the database such as <p1 type="example"/>. The data in the database will be exported in many other formats and with many different tools and languages so i would like it to remain true. If I put in pg_escape_string the data goes into the database as <p1 type=\"example\"/> I'd rather have the original in the database so i just don't use the escape function and it goes in fine, but is that secure? Also information has already been put into the database directly so there is already the first example in the database.
problem 2 data coming out: How do i remove the data if it doesn't already have the slashes in place? When i try to use pg_fetch_row or object or array i get spaces, and blanks and things go all over the place. Is there a postgres php function that escapes strings on the way out of a database.
any help would be great, thanks in advance
I'm a new user here but have been a php programmer for 2 years now, while i have used this site for reference this is my first time posting, and i'm pretty sure it won't be my last.
postgresql 8, php 5, apache 2.2.4