mysql_real_escape_string usage

Discussion in 'PHP' started by daboss, Feb 1, 2006.

0
  1. #1
    i rely on the mysql_real_escape_string function to prepare my form input for use with sql statements. it's worked well for me before but i've just hit a problem with it on one new host server.

    if my form input has a " character in it, using mysql_real_escape_string should put a \ escape character in front of the " character. however, on this host server, it seems to add 2 \ characters (i.e. \\) in front of the " character.

    anyone seen this behaviour before? is there something i can do? is it a setting on the server?

    thanks in advance for your help.
     
    daboss, Feb 1, 2006 IP
    obenix likes this.
  2. l234244

    l234244 Peon

    Messages:
    1,225
    Likes Received:
    50
    Best Answers:
    0
    Trophy Points:
    0
    #2
    Has your new server got a different version of php to your original one?
     
    l234244, Feb 1, 2006 IP
  3. daboss

    daboss Guest

    Messages:
    2,249
    Likes Received:
    151
    Best Answers:
    0
    Trophy Points:
    0
    #3
    i've doen scripting for different versions of php on different servers... so far i've never seen this before...
     
    daboss, Feb 1, 2006 IP
  4. wwm

    wwm Peon

    Messages:
    308
    Likes Received:
    10
    Best Answers:
    0
    Trophy Points:
    0
    #4
    ive seen it before, the new host has different version of php that is set by default to escape data before it goes into mysql (ALL NEW VERSIONS OF PHP DO THIS!)
     
    wwm, Feb 1, 2006 IP
  5. daboss

    daboss Guest

    Messages:
    2,249
    Likes Received:
    151
    Best Answers:
    0
    Trophy Points:
    0
    #5
    thanks for the responses... i dug around and found out that there's this setting for 'magic quotes' in php...

    so what i have to do is to check if this setting is turned on or not... if it's off, i have to call "mysql_real_escape_string"...

    you learn something new everyday... :)
     
    daboss, Feb 2, 2006 IP