Stripslahes only stripping locally

Hi there,

So I have a database driven site. There is an online diary, which allows the end user to add/edit and delete events. When data is entered into the database it is sanitised using mysqli_real_escape_string.

When the user edits data, the event data is retrieved from the DB, and displayed in a form, with slashes present. When the user updates the form, the slashes are escaped, and so the DB holds data like this:

“Whether you\\\'re a total newbie, or a pro, why not pop along to our Ukulele Group?”

So in order to fix this I have used the stripslashes function on data that is retrieved from the DB. This has rectified the issue when tested locally, but not when online.

Does anyone know of any particular reason why that would be the case? I have checked the remote DB and removed instances of escaped backslashes.

Many thanks,

Yeah, this has to do with one of the most awesome features in PHP ever, magic_quotes.

Your best bet is to turn off magic_quotes, as what this does is automatically run addslashes against all incoming data.
There’s also magic_quotes_runtime, which will automatically run addslashes against anything that’s coming from an external source, such as a database.

Turn off magic quotes and see if that fixes it. If not, we need to look a little further to see why stuff is being slashed.

Thanks Immerse,

Turns out it wasn’t magic_quotes, which i had already turned off. I was Actually populating hidden fields with php, then using jquery to place the data in the form. I just needed to add stripslashes to the correct script.

Anyways, thanks again for your reply. I’m sure it’ll help out others.