3

i am using mysqli connection.

 $conn = new mysqli($host, $user, $password, $database);

Storing the Data in DB with below syntax

$site_description = $conn->real_escape_string($_POST['site_description']);  
$conn->query("UPDATE `r_site_details` SET  `site_description` = '".$site_description."' WHERE `id` = ".$id);
input : Telangana's

it adding slashes. But when i output the value with stripslashes its still showing the slashes in the string

$query = $conn->query("select * from r_site_details where id=$id")or die(mysqli_error());
$result = $query->fetch_assoc();
    echo stripslashes($result["site_description"]) // output : Telangana\'s
Snopzer
  • 1,602
  • 19
  • 31
  • 1
    There is a lot happening - and not shown here - between posting a form and echoing a variable from a database query. You should `var_dump()` the variable at the different stages to see where the problem is as that is impossible to tell from just these 2 lines. – jeroen Nov 02 '16 at 06:04
  • okay let me Post my Complete Script, Thanks @jeroen – Snopzer Nov 02 '16 at 06:06
  • You should first check what values the variable has at what stage, perhaps it is already escaped when you get the POST value for example. – jeroen Nov 02 '16 at 06:10
  • @jeroen, Hope you can see the complete scenario. – Snopzer Nov 02 '16 at 06:15
  • If you are unwilling to inspect the value of your variables, you will never be able to debug any code. – jeroen Nov 02 '16 at 06:17

2 Answers2

2

Dont Find a Optimize Solution, Just Tried to Replace the Slashes it works fine,

echo str_replace('\"', '"',str_replace("\'", "'", $result["site_description"]));

Can anyone suggest me an alternative Solution.

Snopzer
  • 1,602
  • 19
  • 31
-1

Hope Disabling Magic Quote could help you.

Manh Nguyen
  • 930
  • 5
  • 12