tinyMCE apostrophe's adds backslash and apostrophe

PHP
1

Hey,

I have the following update statement:


    public function updateReviews(){

        if(is_numeric($_POST['ID'])){

			$body = mysql_real_escape_string($_POST['body']);
			$body = str_replace(''', '', $body);

			$address = mysql_real_escape_string($_POST['address']);
			$other = mysql_real_escape_string($_POST['other']);		
			$admission = mysql_real_escape_string(htmlentities($_POST['admission']));
            
            $sql = "UPDATE tbl_reviews SET
                    catID = '".mysql_real_escape_string($_POST['catID'])."',
                    title = '".mysql_real_escape_string($_POST['title'])."',
                    body = '$body',
                    address = '$address',
                    postcode = '".mysql_real_escape_string($_POST['postcode'])."',
                    tel = '".mysql_real_escape_string($_POST['tel'])."',
                    website = '".mysql_real_escape_string($_POST['website'])."',
                    admission = '$admission',
                    other = '$other',
                    date_added = now()
                    WHERE ID = ".$_POST['ID']."";
			print_r(mysql_error());
            $result = mysql_query($sql) or die(mysql_error());
            return $result;
        }else{
            die('ID needs to be numeric');
        }
    }

When i run this this line does not really work:


$body = str_replace(''', '', $body);

If you look at this page:

http://freemanholland.com/babies/reviews/?ID=9

And look at the “Smithills Country Park” review, you will see that where there should be an apostrophe it shows the word like this:

you\\\'re

Any ideas why this is?

Thanks

2

In my above post this line has not been displayed properly, it should be this:

$body = str_replace(‘& # 3 9 ;’, ‘’, $body);

Ignore the gaps, it would have been converted to an apostrophe…

3

Are magic quotes enabled?

http://www.php.net/manual/en/security.magicquotes.disabling.php