addslashes vs. mysql_real_escape_string


When I look directly in my db field I see a difference between these two
functions. The top line (see below) was inserted with addslashes vs. the
bottom line where I used mysql_real_escape_string. Obviously addslashes
really escapes the apostrophe. But I thought mysql_real_escape_string is
supposed to do that too - can anyone explain? Thanks, Lee G.

This is Aviva\'s website.
This is Sarah's website.
Jul 17 '05 #1
leegold2 wrote:
When I look directly in my db field I see a difference between these two
functions. The top line (see below) was inserted with addslashes vs. the
bottom line where I used mysql_real_escape_string. Obviously addslashes
really escapes the apostrophe. But I thought mysql_real_escape_string is
supposed to do that too - can anyone explain? Thanks, Lee G.

This is Aviva\'s website.
This is Sarah's website.


What were:
* the original strings before escaping
* the strings after escaping, as they appeared in the SQL you sent to
the server?

I don't see any difference on a test string with an apostrophe on these
functions in 4.3.8 or 5.0.2:
<?php
$originalstring = "Apostrophe's rock";
echo $originalstring, "\n";
echo addslashes( $originalstring ), "\n";
echo mysql_escape_string( $originalstring ), "\n";
echo mysql_real_escape_string( $originalstring ), "\n";
?>

output:
Apostrophe's rock
Apostrophe\'s rock
Apostrophe\'s rock
Apostrophe\'s rock

Can you confirm that the pre-escaping string for "This is Aviva\'s
website." did not contain a backslash, and that the same query was used
to insert both samples? Did the data come from a literal string, a file,
or from a web form? If you're using the magic_quotes_gpc option
(unfortunately the default is on, I believe), you need to run
stripslashes() on any text that comes from GET/POST/COOKIE variables
before further processing.

-- brion vibber (brion @ pobox.com)
Jul 17 '05 #2
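
Added example, not part of the thread: it shows how a form value that magic_quotes_gpc has already escaped ends up stored with a literal backslash when it is escaped a second time, and how running stripslashes() first avoids that. The sample input is constructed; addslashes() stands in for both magic_quotes_gpc and the escaping call, and stripslashes() is a simplified model of the server reading the quoted literal. All function names here are hypothetical.

```php
<?php
// Constructed sample input: the text as typed into a web form.
$typed = "This is Aviva's website.";

// Assumption: magic_quotes_gpc is modelled with addslashes(), the
// transformation it applied to GET/POST/COOKIE values before the script ran.
function with_magic_quotes(string $raw): string
{
    return addslashes($raw);
}

// Assumption: addslashes() stands in for the escaping call; the reply above
// shows it gives the same result as mysql_real_escape_string() for an apostrophe.
function escape_for_sql(string $value): string
{
    return addslashes($value);
}

// Simplified model of the server reading a quoted literal: one level of
// backslash escaping is consumed (\' -> ', \\ -> \).
function as_stored(string $escaped): string
{
    return stripslashes($escaped);
}

$cases = [
    // Request value already escaped by magic quotes, then escaped again.
    'magic quotes on, escaped again' => escape_for_sql(with_magic_quotes($typed)),
    // stripslashes() undoes magic quotes first, as the reply recommends.
    'magic quotes on, stripslashes first' => escape_for_sql(stripslashes(with_magic_quotes($typed))),
    // No magic quotes: a single escape is all that is applied.
    'magic quotes off' => escape_for_sql($typed),
];

foreach ($cases as $label => $in_query) {
    printf("%-36s in SQL: %-30s stored: %s\n", $label, $in_query, as_stored($in_query));
}
```

magic_quotes_gpc was removed in PHP 5.4 and the mysql_* functions in PHP 7.0; on current PHP, parameterized queries through PDO or mysqli take the manual escaping step out of the picture.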
