[SOLVED] PHP Auto Escaping MySQL Strings

[jjacquay712]

I have a database manager script that I am working on, kind of like phpmyadmin. When a user types in their custom query, it automatically escapes semi quotes.

 

example:

User inputted query: 
SELECT * FROM users WHERE username='Joe';

What php does:
SELECT * FROM users WHERE username=\'Joe\';

 

Is there anyway to make php not do this?

[premiso]

You are over escaping the data.

 

Check that magic_quotes is turned off, if not turn it off. You may have to stripslashes on current data then update it for it to be right in the current DB.

 

Basically with magic_quotes on, php adds addslashes to any form data passed to the script. It is being depreciated/turned off in PHP 6. So I suggest not relying on it and just turn it off and be happy

[jjacquay712]

Thanks for the help, i am going to try to use this: ini_set("magic_quotes_gpc = Off");

[PFMaBiSmAd]

magic_quotes_gpc must be turned off before your script runs. It is not settable using ini_set() in a script.

[jjacquay712]

Yeah... That didn't work. How would i turn magic quotes off?

[jjacquay712]

I tried setting it in my .htaccess file, and adding a php.ini file in the directory with the command to turn magic quotes off, but nothing worked.

[premiso]

Are you on shared hosting?

[jjacquay712]

I got it working, had to mess with the htaccess file