php - Slashes in MySQL tables, but using PDO and parameterized queries. Whats up? -

OK, so to update my database tables, my code is changing the taste of the following:

  $ Query = "Comment (comment, comment, rating, userrid) value (: comment, now (), 0,: userrid)"; Try {$ db_conn = new PDF ('mysql: host ='. $ Db_server. '; Dbname ='. $ Db_name, $ db_username, $ db_password); $ Db_conn- & gt; BeginTransaction (); $ Prep = $ db_conn- & gt; Ready ($ query); $ Ready-> Beyond Parm (': Comment', $ Comment, PDO: Parama_ast, 500); $ Ready-> Bindam Parm (': userrid', $ userrid, PDO :: Paramatti, 20); $ Prep- & gt; Executed (); $ Db_conn- & gt; Committed (); } Hold (PDOException $ e) {$ db_conn.rollBack (); Echo "error !:" $ E-> Received Message () "
"; Die (); }  

In the above, the comment comes from a post from another page. Setting properly through the Userrid function call, everything works well, except that the slash is added to the table.

Whatever I have read, says that to avoid slash of apoptosis, I should use questions with parameters if I am not wrong then I am absolutely sure what I do I am here. Am I forgetting something? Will someone tell me what I am not doing?

Thank you in advance, Michael

Maybe you've turned on, Need to do this:

  if (get_magic_quotes_gpc () == true) {$ comment = stripslashes ($ comment); $ Userrid = StripsSash ($ userrid); }  

If you are using PHP 5.3+ then you can get rid of all the magic quoted variables by keeping the following lines of code at the top of your file:

< Pre> if (get_magic_quotes_gpc () === 1) {$ _GET = json_decode (StripSearch (json_encode ($ _ GET, JSON_HEX_APOS)), true); $ _POST = json_decode (stripsash (json_encode ($ _ POST, JSON_HEX_APOS), true); $ _COOKIE = json_decode (StripSearch (json_encode ($ _cookie, JSON_HEX_APOS)), true); $ _REQUEST = json_decode (StripSearch (json_encode ($ _ request, JSON_HEX_APOS), true); }

If you are running the lower version of PHP, then you should.