Question :
========
i want to replace special characters like " ' " with " \' ".
my script is barfing whenever i do a read from the database with a " ' " in it.
i use javascript to insert the backslash into the hidden input of my form so i
can execute an insert with no problem
its on the read i need to reinsert the backslash from php
Answer :
======
You are on the wrong track here. This problem is inherently solved by
PHP.
First, you don't need to use JavaScript to escape the quotes. By default,
PHP's magic_quotes_gpc option is turned on. This means that all data
going trhough a FORM GET, FORM POST or a Cookie will be automatically
escaped.
Second, when you read things back from the database, if
magic_quotes_runtime is enabled, your quote characters will be escaped as
well. This can get confusing, so this option is off by default. PHP has
two built-in functions that let you do this yourself quickly.
AddSlashes() will add slashes in the appropriate places to a string, and
StripSlashes() will remove them. So, there is no need to start trying to
do this yourself with regular expressions. However, for future reference,
you will want to have a log at the ereg_replace() function.
