how do i recover the string after i get it back from DB ? say .. the string is a javascript or something which may contain all possible dangerous characters like " , ', `, \, /, etc. So i should do a mysql_real_escape_string($string) before inserting to DB. now, at the second part i wanna retrive it from DB .. if i do stripslashes on it, it may mess it up .. right ? so what would be the correct way to do this ? Thanks
As i understand it stripslashes will only remove the slashes that were added by mysql_real_escape_string so it should just work fine.
You do not need to worry about when you are pulling data out. If your query inserts He says, "I don't want to!" then mysql_real_escape_string() makes it He says, \"I don\'t want to!\" (which makes it safe to send to the DB. The extra slashes are NOT stored in the database. When you pull the data, you'll end up with He says, "I don't want to!" again.