addslashes Quote string with slashes stringaddslashes stringstr Returns a string with backslashes before characters that need to be quoted in database queries etc. These characters are single quote ('), double quote ("), backslash (\) and NUL (the &null; byte). An example use of addslashes is when you're entering data into a database. For example, to insert the name O'reilly into a database, you will need to escape it. Most databases do this with a \ which would mean O\'reilly. This would only be to get the data into the database, the extra \ will not be inserted. Having the PHP directive magic_quotes_sybase set to on will mean ' is instead escaped with another '. The PHP directive magic_quotes_gpc is on by default, and it essentially runs addslashes on all GET, POST, and COOKIE data. Do not use addslashes on strings that have already been escaped with magic_quotes_gpc as you'll then do double escaping. The function get_magic_quotes_gpc may come in handy for checking this. ]]> See also stripslashes, htmlspecialchars, quotemeta, and get_magic_quotes_gpc.