<div class="gmail_extra">a comment about magic quotes from the drupal LA group (<a href="http://groups.drupal.org/node/227548#comment-745338">http://groups.drupal.org/node/227548#comment-745338</a>)<br>"<br><p>We are writing php code using AMP stacks locally. We I first tried to
do an INSERT to the MySQL database for user input, it would error out
because MySQL uses single quotes as well to define the start and end of
the string values.</p>
<p>Turning on the magic_quotes_gpc setting in PHP places a backslash
character in front of any single or double quote character in data
retrieved from a form. The backslash character tells MySQL to treat the
quote as part of the data and not part of the string delineator. The
backslash isn't added to the data, it's silently stripped away when the
data is stored in the table.</p>
<p>WAMP has this off by default as will PHP 5.4 according to the
documentation. I'm told that PHP coders don't like relying on the
magic_quotes_gpc setting, and instead prefer to handle the data
themselves.</p>
<p>if (!get_magic_quotes_gpc())<br>
{<br>
$title = addslashes($title);<br>
$author = addslashes($author);</p>
<p>}</p>
<p>Trouble is, you cannot use BOTH. They you get all kinds of double
slashes, etc. and other crazy stuff going on. Combine that with WYSIWYG
and it is a backslash tornado!</p>
<p>I don't know what the WYSIWYG editors or even Drupal does about this,
but try turning off magic_quotes_gpc if you have access tothe PHP.ini
or can override with .phprc file.</p>"<br><br>-- <br><p><b style="font-family:'Lucida Handwriting',cursive;font-size:13px;background-color:rgb(255,255,255)"><i>Anthony Stefan Maciejowski</i></b></p><p></p><br>
<p></p><br>
</div>