Posted by nick.bonadies on 04/11/07 13:38

I'm trying to deal with user inputs of single quotes into form fields
that get input into a MSSQL database. So far I have discovered that
if I turn on magic_quotes_sybase in my php.ini file PHP will correctly
escape the single quotes. The problem happens when I am trying to
retrieve data from the database, PHP will try to comment out what it
has already commented out, instead of stripping the extra single
quote.

So as an example, if someone enters O'Brien as their name into the
form PHP send O''Brien to the database to be stored. Now when I have
say, a list of users in the database on another page PHP outputs
O''''Brien because it is trying to compensate for the single quotes.

Is there any sort of function like stripslashes(); but for single
quotes?

Thanks so much for any and all help! This is driving me up the wall!

[Back to original message]