Slashes not being Added

[abrahamgarcia27]

I have an ubuntu server that i use locally and it does not add slashes when i insert data to the database, but when i put it on my dedicated server with centos it does add slashes and it is the same code. Do you guys have an idea of what it could be?

[mac_gyver]

the slashes \ should not be in the actual data in the database. they should only be in the sql query statement to indicate those characters that have special meaning that are part of the data and that are not to be interpreted as part of the query syntax.

 

how exactly are you looking at the data when you see the \ characters, because this is either a problem with php escaping your input data in addition to you escaping it or php escaping the data when you  retrieve it from the database.

 

note: this php behavior has been removed as of php5.4.

[abrahamgarcia27]

this is how data is stored in the database. Is this bad?

<p style=\"text-align: justify;\"><span>We are pro

then when i display this i do stripslashes. 

[mac_gyver]

Is this bad?

yes. because php has now changed what it does to external data, any data that is (incorrectly) stored with the \'s in it cannot be searched for and found and by unconditionally running stripslashes() on any data, it will remove an real \'s in the data (which i see from looking at your previous threads - http://forums.phpfreaks.com/topic/255193-problem-searching/ you are doing.)

 

prior to php5.4, what you should have been doing is test if php's magic_quotes_gpc is ON and if it was use stripslashes to remove the escaping php was doing, then escaping the data yourself (note: this logic will still work in php5.4 and later as the function that tests if magic_quotes_gpc is on will return a false value.)

 

the best recommendation would be to remove any extra \ characters that are stored in your database tables.

Edited March 7, 2014 by mac_gyver