ndlarsen wrote:
> Jerry Stuckle wrote:
>> Read up on mysql_real_escape_string(). It does modify the data as
>> it's being sent to the database - but the data is modified in a
>> predictable way (i.e. to take care of embedded quotes, etc.). The
>> result when retrieved from the database is just as you put it in there.
>
>> Add databases require some modification of the data to store special
>> characters. But if you do the modification properly, the data is
>> retrieved without modification. MySQL has a function which does this
>> for you; some others don't.
>
> Right, I think I got it now. Some of the testing code I used made it
> appear as if the string was automatically stripped of backslashes when I
> retrieved it from the database/table.
> If I run mysql_real_escape_string() on a string prior to inserting it
> into a database/table, it is submitted to the database modified (with
> backslashes escaping special characters). If I retrieve that same string
> from the database/table, it is still modified and I need to strip the
> string of the backslashes, perhaps with stripslashes()?
>
> Thank you.
>
> Regards
>
> ndlarsen
>

No. mysql_real_escape_string() only modifies the string for storage in
the database (and no, it does not do the same thing as addslashes()).

What you retrieve from the database will be identical to what you had
before calling mysql_real_escape_string().


--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================