11-02-2004
Michael Fesser
Re: question about magic quotes

.oO(Marcus)

>Sorry for another post, but just to clarify on my previous post, is
>there a proper configuration with any/all of the magic_quotes values so
>that I can "safely" accept data and interact with my DB without using
>addslashes/deleteslashes everywhere?


I don't care about magic quotes anymore, I do the escaping on my own.
When "importing" user-submitted data I run it through something like
this to have the data in raw format:

// Undo the automatic escaping only if magic_quotes_gpc applied it.
function filter($data) {
    return get_magic_quotes_gpc() ? stripslashes($data) : $data;
}

Then, when necessary, I use mysql_escape_string(), htmlspecialchars()
etc. to escape/convert the data, dependent on what I wanna do with it.
IMHO it's more reliable to have control over the data handling instead
of relying on some "background magic", which might lead to unexpected
results.

>Also, when I look in my MySQL tables through the command prompt, if
>records with single quotes do not show up as escaped by /, am I doing
>something wrong?


No, the escape chars are not stored in the database.

Micha
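The approach described in the post above (keep imported data raw, escape only for the context it is used in), as an added example that is not part of the original thread. It swaps in PDO bound parameters for mysql_escape_string(), which was removed in PHP 7.0, and guards the get_magic_quotes_gpc() call, which was removed in PHP 8.0. Assumptions: the pdo_sqlite extension is available, and the import_raw() helper, the guests table and the sample input are constructed for illustration.

```php
<?php
// Added example: constructed input, in-memory SQLite database (assumes pdo_sqlite).

// Hypothetical helper: return request data in raw form, undoing magic-quotes
// escaping only when the runtime still has the feature and has it enabled.
function import_raw($data) {
    if (is_array($data)) {
        return array_map('import_raw', $data);   // handle nested form fields
    }
    $magic = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    return $magic ? stripslashes($data) : $data;
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE guests (id INTEGER PRIMARY KEY, name TEXT)');

$submitted = "O'Brien <b>";          // constructed sample of user-submitted data
$raw = import_raw($submitted);

// SQL context: the value travels as a bound parameter, so the quote needs no
// manual escaping and no escape characters end up in the stored row.
$insert = $pdo->prepare('INSERT INTO guests (name) VALUES (?)');
$insert->execute([$raw]);

// Second row: the same value after a background escaping layer (simulated here
// with addslashes) was left in place. The backslash is now part of the data.
$insert->execute([addslashes($raw)]);

foreach ($pdo->query('SELECT id, name FROM guests ORDER BY id') as $row) {
    // HTML context: convert on output, not on input.
    $html = htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8');
    echo $row['id'], ': stored=', $row['name'], ' | html=', $html, "\n";
}
```

Comparing the two rows in the output shows why escaping belongs at the point of use: the first row is stored exactly as submitted, while the second carries a literal backslash into every later context.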