0

For inserting strings into database, I apply this function on the string:

```php
$string = strip_tags($string);
$string = htmlspecialchars($string);
$string = preg_replace('/\s+/', ' ', $string); // removing multiple spaces :-)
$string = preg_replace('/(?:\s\s+|\n|\t)/', ' ', $string);
$string = mysql_real_escape_string($string);
```

On my localhost while I test the app, I enter: Life's Interesting

and the exact string is saved into the db (Life's Interesting). Then I uploaded my app to the real server, and when I enter the same string, it saves Life\'s Interesting in the database!

Why is this happening on just the server and not on my localhost? I'm using Wamp on my localhost. What configuration do I need to change on the server so it saves right in the db?

Thanks in advance

behz4d
  • 2
    `magic_quotes` enabled on real server ? – GBD Nov 29 '12 at 08:55
  • @GBD Yes, should I disable it? – behz4d Nov 29 '12 at 08:57
  • `Magic Quotes is a process that automagically escapes incoming data to the PHP script. It's preferred to code with magic quotes off and to instead escape the data at runtime, as needed.` – GBD Nov 29 '12 at 09:03
  • 1
    `Warning This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.` – GBD Nov 29 '12 at 09:07
  • 1
    So the answer is yes, you should disable magic_quotes. – SDC Nov 29 '12 at 09:12
  • 1
    it's also worth pointing out that the `mysql_xxx()` functions that you're using are also obsolete and in the process of being deprecated, so they're not recommended for use either. Ideally you should switch to using the equivalent `mysqli_xxx()` functions, or the PDO library for your database access. See also http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-function-in-php – SDC Nov 29 '12 at 09:15

1 Answer

3

Because of magic_quotes_gpc.

```php
var_dump(get_magic_quotes_gpc());
```

var_dump magic quotes gpc on both of your servers. I think magic quotes is enabled by default on your real server.

Magic Quotes is a process that automagically escapes incoming data to the PHP script. It's preferred to code with magic quotes off and to instead escape the data at runtime, as needed.

More to read: PHP Manual - Magic Quotes

GBD
som
  • 1
    This should be a comment. Not sure this is the problem – GBD Nov 29 '12 at 08:57
  • @GBD Mentioning magic_quotes in the answer is fine, it's quite a safe bet. The answer might be a bit more informative though. – phant0m Nov 29 '12 at 08:59
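
The double escaping discussed in this thread, as an added example that is not part of the original posts: it reproduces the stored `Life\'s Interesting` and shows the value stored cleanly once magic quotes are undone and the insert uses a bound parameter. The function names, the `posts` table and the in-memory SQLite database (via the `pdo_sqlite` extension) are assumptions for the demo, and `addslashes()` stands in for what `magic_quotes_gpc` does to request data.

```php
<?php
// Added example, not code from the thread. Function and table names are
// hypothetical; assumes the pdo_sqlite extension for a self-contained demo.

// Undo magic_quotes_gpc only when it is actually on (possible on PHP < 5.4).
// $forceOn lets the demo simulate a legacy server on modern PHP.
function undo_magic_quotes($value, $forceOn = null)
{
    $on = $forceOn;
    if ($on === null) {
        $on = function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc();
    }
    return $on ? stripslashes($value) : $value;
}

// Store the raw value with a bound parameter: no manual SQL escaping,
// and no htmlspecialchars() until the value is written into HTML.
function save_title(PDO $db, $title)
{
    $stmt = $db->prepare('INSERT INTO posts (title) VALUES (:title)');
    $stmt->execute(array(':title' => $title));
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT)');

$typed    = "Life's Interesting";   // what the user typed
$incoming = addslashes($typed);     // constructed: request value with magic quotes on

save_title($db, $incoming);                          // legacy server, no cleanup
save_title($db, undo_magic_quotes($incoming, true)); // legacy server, slashes undone
save_title($db, undo_magic_quotes($typed, false));   // magic quotes off: untouched

// Row 1 keeps the stray backslash; rows 2 and 3 hold the text as typed.
foreach ($db->query('SELECT id, title FROM posts ORDER BY id') as $row) {
    echo $row['id'], ': ', $row['title'], PHP_EOL;
}
```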