php - mysql_real_escape_string() leaving slashes in MySQL

Question

I just moved to a new hosting company and now whenever a string gets escaped using:

mysql_real_escape_string($str);

the slashes remain in the database. This is the first time I've ever seen this happen so none of my scripts use

stripslashes()

anymore.

This is on a CentOS 4.5 64bit running php 5.2.6 as fastcgi on a lighttpd 1.4 server. I've ensured that all magic_quotes options are off and the mysql client api is 5.0.51a.

I have the same issue on all 6 of my webservers.

Any help would be appreciated.

Thanks.

Edit:

Magic Quotes isn't on. Please don't recommend turning it off. THIS IS NOT THE ISSUE.

Answer 1

The host that you've moved probably has magic_quotes_runtime turned on. You can turn it off with set_magic_quotes_runtime(0).

Please turn off magic_quotes_runtime, and then change your code to use bind variables, rather than using the string escaping.