views:

36

answers:

2

I have an odd one - I am porting some data from one CMS to another. Both run on LAMP.

In the old CMS, the data was stored, with slashes in the DB.

Examples:

Hi. Thanks for looking. It\'s \"awesome\".

That correctly displays when output by the old CMS as:

Hi. Thanks for looking. It's "awesome".

But in the new CMS, they same text is stored simply as the following and they deal with the quotes when it comes out:

Hi. Thanks for looking. It's "awesome".

I have tried replace() directly on mysql, but that just escapes the quote and it just removes all the quotes. Then I tried looking into pulling all the data out with php, and putting it back in, without doing anything hoping that the slashes would escape the data and I'd be good, but not such luck - that seems to work for one of two rows but the query gets broken.

Any ideas? It's been a while since I have played around with add/stripslashes, etc.

Thanks

A: 

if you use PHP to import your data you will want to perform -

str_replace("'", "''")

on each entry.

this is how MYSQL escapes strings

Nirvana Tikku
the text you linked to says something different
Col. Shrapnel
here are several ways to include quote characters within a string:*A “'” inside a string quoted with “'” may be written as “''”.*A “"” inside a string quoted with “"” may be written as “""”. Am I misinterpreting something?I've loaded a couple of data sets using Java and perform the operation (replaceAll("'","''")) while reconstructing the load file, and it takes care of my escaping woes.
Nirvana Tikku
mysql escape character is backslash, not quote
Col. Shrapnel
hmmm, you're right about mySQL documentation.. but doubling the single-quote character does indeed escape a single-quote; i just gave it a shot, and it worked fine for me... "CREATE TABLE escapeStrings ( someString varchar(100) );" >> "INSERT INTO escapeStrings (someString) VALUES ('''this'' is a ''''test''''');" >> "select * from escapeStrings;" >> 'this' is a ''test''
Nirvana Tikku
Thanks for taking the time to try and help me out, but I went with the other solution.
Dan
+1  A: 

in PHP you have to make it

$data = stripslashes($data);
$data = mysql_real_escape_string($data);
Col. Shrapnel