abdacted

I see. Thank you. So it appears that any MySQL database has a function that escapes every slash that is sent into?

Thanks for literature. I'm using magic quotes for now, and I wonder why there is no slash when I send from a form field "O'Connor" into data base. The data base displays: "O'Connor" not "O\'Connor". Hmm... Any hint for me please.

Hello everybody I have read some of "PHP for the World Wide Web: Visual QuickStart Guide" and Larry writes there to use stripslashes() function and mysqli_real_escape_string() while magicquote is running - as far as I remember. But the autor didn't tell why using these functions is better than keeping magicquotes running and not using those two above functions. Is it better to us those functions instead of magicquotes? Currently the server that I use uses magic quotes - though I can switch it to off. So I use neither stripslashes() nor mysqli_real_escape_string(). Am I right doing so? thanks in advance.