I am having major problems figuring this one out.
If a string entered into a form contains a single quote ('), attempts to insert the string into a mysql table fail.
I am calling another php to do the inserting via "post".
Will using the HTTP_POST_VARS array rather than the variable name call the string with escaped single quote or is there some other problem?
I have tried using addslashes also. That hasn't worked either.
PHP 4 is called as a cgi. All global magic_quotes are off. I have magic_quotes turned on within each file
ini_set ("magic_quotes_gpc", 1);
<? echo get_magic_quotes_gpc(); ?>
returns 1 as expected.
echoing string
echo $sourceText;
returns - "I don't understand." (without double quotes). Single quote is not escaped.
Any help apprectiated,
Cathy
If a string entered into a form contains a single quote ('), attempts to insert the string into a mysql table fail.
I am calling another php to do the inserting via "post".
Will using the HTTP_POST_VARS array rather than the variable name call the string with escaped single quote or is there some other problem?
I have tried using addslashes also. That hasn't worked either.
PHP 4 is called as a cgi. All global magic_quotes are off. I have magic_quotes turned on within each file
ini_set ("magic_quotes_gpc", 1);
<? echo get_magic_quotes_gpc(); ?>
returns 1 as expected.
echoing string
echo $sourceText;
returns - "I don't understand." (without double quotes). Single quote is not escaped.
Any help apprectiated,
Cathy