Mysqli

// Select the value from the database if a match is found
$connection = new Connection;
$connection->query = "SELECT $column
				FROM $table
				WHERE username = '$value'";
$connection->run_query();

My class, “Connection”, is a sub class of mysqli.

if I made $value, " ’ ’ ’ " via a form it shows as " \’ \’ \’ ".
If I made $value, " ’ ’ ’ " NOT via a form it shows as " ’ ’ ’ ".

Why is this? I never ran it thorough real_escape_string or equivalent and if it’s not through a form it shows without the back slashes.

I checked my GET headers and it showed as " ’ ’ ’ ".

You probably have magic quotes enabled in your PHP configuration. You should disable it.

PHP: Magic Quotes - Manual