inserting qoutes to mysql

[dropfaith]

im trying to allow the ability to have users still use the quotes without it displaying like below with the \ before them or having them appear as a ?

 

Reasonable people will inevitably disagree about what\'s \"authentic\" or \"genuine\" or even \"real.\" Not so when it comes to Thai Siam\'s food, which is as close to \"of or relating to Thailand and its peoples\"

[aeonsky]

Can't you just do stripslashes(); on the output function? Besides, allowing quotes into MySQL can get you a SQL exploit.

[PFMaBiSmAd]

So what problem are you having? Your thread title seems to indicate you cannot insert data with quotes but your post seems to indicate the problem is when you display the data?

[dropfaith]

sorry  the problem is with displaying i use plus i dont see blocking qoutes as its going to accept user input eventually so i cant just tell people not to use them you know someone will anyways and mess things up

 

 

mysql_real_escape_string on insert  then when pulling out something adds the backslash

[PFMaBiSmAd]

Escape characters being added when you retrieve data is due to the magic_quotes_runtime setting. You can and should turn this setting off. It has been removed in php6 so turning it off now in the master php.ini, a .htaccess file (when php is running as an Apache module), or a local php.ini (when php is running as a CGI application) will eliminate the need to put anything into your script.

[dropfaith]

odd its not magic qoutes i emailed my host and he said they have never once been on for any of his servers hes smarter  then that..

 

anything else could cause this?

[PFMaBiSmAd]

If there are escape characters when you retrieve and display data, either the server or your code is escaping the data. This is either happening when it is received and it is getting escaped multiple times before being put into the database or when it is being retrieved.

 

Don't take someone else's word for what a setting is. Use a phpinfo(); statement and check what the settings actually are at runtime under your account (you could for example have it turned on locally through a local php.ini or a .htaccess file.) Check what all the magic_quotes_xxxxx settings are in the phpinfo() output.

[dropfaith]

no i checked as well im sure its off  i sent him the full code hes looking into it a bit more i see its in my databases escaped

[PFMaBiSmAd]

If the escape characters \ are present in the database, it means your code and/or your server configuration doubled them in the query string, because the query only inserts the literal character without the \. Every one in the database would mean there were two consecutive ones in the query string.

 

You would need to post your code to get any specific help with what it is doing.