FAQ
I am using str_replace to strip double quotes.

$string = 'This string has "quotes" in it';

$string = str_replace('"', '', $string);

this seems to work, yet when I put the $string into mysql,
it uses backslashes to escape where the quotes were. The
double-quotes are gone, yet it still escapes the 'ghost'
where they were.

I even tried
str_replace(array("\x8c", "\x9c", "'", '"'), '', $string)
but the ghost remains and mysql continues to escape them.

I check the charsets, and the db is Latin-1 and the sting is ISO-8859-1

Any thoughts on this would be most graciously accepted.
Kind regards
kevin


--
"Democracy is two wolves and a lamb voting on what to have for lunch.
Liberty is a well-armed lamb contesting the vote."
--
"Democracy is two wolves and a lamb voting on what to have for lunch.
Liberty is a well-armed lamb contesting the vote."

Search Discussions

  • Jim Lucas at Sep 22, 2007 at 7:19 am

    Kevin Waterson wrote:
    I am using str_replace to strip double quotes.

    $string = 'This string has "quotes" in it';

    $string = str_replace('"', '', $string);

    this seems to work, yet when I put the $string into mysql,
    it uses backslashes to escape where the quotes were. The
    double-quotes are gone, yet it still escapes the 'ghost'
    where they were.

    I even tried
    str_replace(array("\x8c", "\x9c", "'", '"'), '', $string)
    but the ghost remains and mysql continues to escape them.

    I check the charsets, and the db is Latin-1 and the sting is ISO-8859-1

    Any thoughts on this would be most graciously accepted.
    Kind regards
    kevin
    is $string honestly something that you are getting via a form submit?

    if so, your system might have magic quotes enabled.

    This would automatically escape quotes with the attempt to make the
    values safer, and then you go and run your str_replace command and
    remove the double quotes, you end up leaving the '\' that the system
    automatically put in the value for you.

    read up on magic quote gpc

    hope this helps.

    Jim

    --
    Jim Lucas


    "Perseverance is not a long race;
    it is many short races one after the other"

    Walter Elliot



    "Some men are born to greatness, some achieve greatness,
    and some have greatness thrust upon them."

    Twelfth Night, Act II, Scene V
    by William Shakespeare
  • Heavyccasey at Sep 23, 2007 at 1:09 am
    So replace ' \" ' instead of ' " '.
    On 9/22/07, Jim Lucas wrote:
    Kevin Waterson wrote:
    I am using str_replace to strip double quotes.

    $string = 'This string has "quotes" in it';

    $string = str_replace('"', '', $string);

    this seems to work, yet when I put the $string into mysql,
    it uses backslashes to escape where the quotes were. The
    double-quotes are gone, yet it still escapes the 'ghost'
    where they were.

    I even tried
    str_replace(array("\x8c", "\x9c", "'", '"'), '', $string)
    but the ghost remains and mysql continues to escape them.

    I check the charsets, and the db is Latin-1 and the sting is ISO-8859-1

    Any thoughts on this would be most graciously accepted.
    Kind regards
    kevin
    is $string honestly something that you are getting via a form submit?

    if so, your system might have magic quotes enabled.

    This would automatically escape quotes with the attempt to make the
    values safer, and then you go and run your str_replace command and
    remove the double quotes, you end up leaving the '\' that the system
    automatically put in the value for you.

    read up on magic quote gpc

    hope this helps.

    Jim

    --
    Jim Lucas


    "Perseverance is not a long race;
    it is many short races one after the other"

    Walter Elliot



    "Some men are born to greatness, some achieve greatness,
    and some have greatness thrust upon them."

    Twelfth Night, Act II, Scene V
    by William Shakespeare

    --
    PHP General Mailing List (http://www.php.net/)
    To unsubscribe, visit: http://www.php.net/unsub.php
  • Peter Lauri at Sep 23, 2007 at 1:54 pm
    No, turn Magic Quotes off :)

    Best regards,
    Peter Lauri

    www.dwsasia.com - company web site
    www.lauri.se - personal web site
    www.carbonfree.org.uk - become Carbon Free
    -----Original Message-----
    From: heavyccasey@gmail.com
    Sent: Sunday, September 23, 2007 3:10 AM
    To: Jim Lucas
    Cc: Kevin Waterson; php-general@lists.php.net
    Subject: Re: [PHP] str_replace oddity

    So replace ' \" ' instead of ' " '.
    On 9/22/07, Jim Lucas wrote:
    Kevin Waterson wrote:
    I am using str_replace to strip double quotes.

    $string = 'This string has "quotes" in it';

    $string = str_replace('"', '', $string);

    this seems to work, yet when I put the $string into mysql,
    it uses backslashes to escape where the quotes were. The
    double-quotes are gone, yet it still escapes the 'ghost'
    where they were.

    I even tried
    str_replace(array("\x8c", "\x9c", "'", '"'), '', $string)
    but the ghost remains and mysql continues to escape them.

    I check the charsets, and the db is Latin-1 and the sting is ISO-8859-
    1
    Any thoughts on this would be most graciously accepted.
    Kind regards
    kevin
    is $string honestly something that you are getting via a form submit?

    if so, your system might have magic quotes enabled.

    This would automatically escape quotes with the attempt to make the
    values safer, and then you go and run your str_replace command and
    remove the double quotes, you end up leaving the '\' that the system
    automatically put in the value for you.

    read up on magic quote gpc

    hope this helps.

    Jim

    --
    Jim Lucas


    "Perseverance is not a long race;
    it is many short races one after the other"

    Walter Elliot



    "Some men are born to greatness, some achieve greatness,
    and some have greatness thrust upon them."

    Twelfth Night, Act II, Scene V
    by William Shakespeare

    --
    PHP General Mailing List (http://www.php.net/)
    To unsubscribe, visit: http://www.php.net/unsub.php
    --
    PHP General Mailing List (http://www.php.net/)
    To unsubscribe, visit: http://www.php.net/unsub.php

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupphp-general @
categoriesphp
postedSep 22, '07 at 5:33a
activeSep 23, '07 at 1:54p
posts4
users4
websitephp.net

People

Translate

site design / logo © 2022 Grokbase