addslashes Quote string with slashes &reftitle.description; stringaddslashes stringstr Returns a string with backslashes before characters that need to be quoted in database queries etc. These characters are single quote ('), double quote ("), backslash (\) and NULL (the &null; byte). An example use of addslashes is when you're entering data into a database. For example, to insert the name O'reilly into a database, you will need to escape it. It's highly recommeneded to use DBMS specific escape function (e.g. mysqli_real_escape_string for MySQL or pg_escape_string for PostgreSQL), but if the DBMS you're using does't have an escape function and the DBMS uses \ to escape special chars, you can use this function. This would only be to get the data into the database, the extra \ will not be inserted. Having the PHP directive magic_quotes_sybase set to on will mean ' is instead escaped with another '. The PHP directive magic_quotes_gpc is on by default, and it essentially runs addslashes on all GET, POST, and COOKIE data. Do not use addslashes on strings that have already been escaped with magic_quotes_gpc as you'll then do double escaping. The function get_magic_quotes_gpc may come in handy for checking this. &reftitle.parameters; str The string to be escaped. &reftitle.returnvalues; Returns the escaped string. &reftitle.examples; ]]> &reftitle.seealso; stripcslashes stripslashes addcslashes htmlspecialchars quotemeta get_magic_quotes_gpc