Welcome to WebmasterWorld Guest from

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

Remove Slashes from SQL statement?

Prior to inserting into database



4:40 am on May 31, 2005 (gmt 0)

10+ Year Member

I use a form to insert comments into a database.

How do I get rid of the slashes around quotes(/""/) before it gets inserted into my database?

SQL statement:

$sql = "INSERT INTO data (comments) VALUES ('$comments')";

How do I prevent the slashes with quotes from being inserted into the database when the comments are submitted?

i.e. this is an example /"quote"/. Should read: this is an example "quote".


p.s. Normally its never a problem but occassionally I get some strange comment submitted that is full of slashes around quotes. Maybe someone copied the information and pasted it into the form... i don't know.


5:08 am on May 31, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

To remove slashes you may find the stripslashes() [us3.php.net] function useful.


5:10 am on May 31, 2005 (gmt 0)

10+ Year Member

At a guess you might have magic quotes enabled, but the slashes are forward instead of back..? maybe someone can explain that one...

At a guess, I'd say have a go using mysql_escape_string() and see if that better prepares the string for use in your SQL statment.


5:20 am on May 31, 2005 (gmt 0)

10+ Year Member

Hi Grandpa,

I have tried different versions of stripslashes() like this one below but it did not work if I did a test:

stripslashes ($comments);

$sql = "INSERT INTO data (comments) VALUES ('$comments')";


5:24 am on May 31, 2005 (gmt 0)

10+ Year Member

Hi Ironik,

Oops I meant back slashes '\' not forward slashes '/.



Featured Threads

Hot Threads This Week

Hot Threads This Month