I've got a script that parses XML sent from flash and submits it to a MySQL DB. Problem is that if Flash sends any data that contains a character that ought to be escaped the PHP script fails to escape it even though I've used addslashes($dataParsedFromXML) to do so.

Funny thing is that when I have the script process test XML internal to the script the XML parses out fine, escapes characters and writes to theDB. On the other hand, if I submit EXACTLY the same XML from Flash via $HTTP_RAW_POST_DATA the script fails to escape the naughty characters eg: '

For example...if the xml is:
<COURSE_TITLE>My friend's course name here</COURSE_TITLE>

And the script does this:
PHP Code:
 $COURSE_TITLE addslashes($COURSE_TITLE);       
$sql "INSERT INTO classes SET id='null', title='$COURSE_TITLE
then what gets written to the DB is:

s course name here

notice the fact that the text before the apostrophe is cut off.


If I have Flash send XML with no characters that need escaping then $HTTP_RAW_POST_DATA gets parsed out and all goes well.

This is, needless to say, baffling to me.

Does anyone have any suggestions? Has anyone seen anything like this before?

TIA for any responses