how to store " " ' ' characters in a field?

[flyclassic]

Hi, anyone how to store these characters(", ') in a mysql field??

because in the " " is very sensitive, how do we store into mysql field? do we have to replace the " with something else first and when called back, we replace back again? any examples on the functions?

[TEENFRONT]

$var = "This is "quoted" text";

addslashes($var);

then do an insert query and it should put -  this is \"quoted\" text  into the db for you

[fenway]

Won't that variable declaration throw a parsing error in PHP?  Regardless, addslashes() to escape these special characters in what you need.

[Kurt]

[quote author=fenway link=topic=99846.msg393603#msg393603 date=1152375444]
Won't that variable declaration throw a parsing error in PHP?  Regardless, addslashes() to escape these special characters in what you need.
[/quote]
Yea, probably. So you could just do:

$var = addslashes("This is "quoted" text");

[flyclassic]

pretty cool, i should try later, that means i can insert html tags and using addslashes identify the "?

[Daniel0]

You could also use [url=http://php.net/mysql_real_escape_string]mysql_real_escape_string[/url].

[Chips]

[quote author=Daniel0 link=topic=99846.msg394012#msg394012 date=1152458022]
You could also use [url=http://php.net/mysql_real_escape_string]mysql_real_escape_string[/url].
[/quote]
But how do you actually "strip" (or essentially reverse) what this function does, or does the replacement of the extra characters only occur in mysql, and when the value stored in the database is returned, these are returned as normal - allowing you to just use stripslashes?

Furthermore I note some saying check whether your gpc_quotes or whatever is on (the thing that automatically addslashes to your POST/GEt/COOKIES before running an addslashes - to ensure you don't escape things twice - but when you run stripslashes it appears to remove ALL "\" characters, and not just doubled up ones. Presents a problem of also how to preserve a "\" character in the event that it is supposed to be in there too!

Any help with my understanding here would be greatly appreciated, as I am suddenly having to swap a DB from mssql to mysql, and am trying to ensure that I won't stuff it up too badly :P in MSSQL you just did a str_replace("'", "''", $var) - and when it was returned, well - it automatically "lost" the extra ' that was inserted, meaning no formatting required :P

[fenway]

The escaping is only for MySQL internal storage, so these extra slashes will never appear in the output; but you're right that if you have magic_quotes on you have to "check" to make sure you're not doubling things up.

[Chips]

Thanks for the reply :)