extra /// when pulling info from database

i am using a funstion to insert data into the database

so here is where it inserts

i am inserting this

<div class="widget" id="recentcomments"><h2>Blog</h2></div>

update_option("head-text", mysql_real_escape_string($head_text));

so it insert开发者_运维问答s into the database and when i save and pull it back out like below.

<input type="text" name="head-text" id="head-text" class="regular-text" value="<?php echo htmlentities($head_text, ENT_QUOTES); ?>"/>

i get the following.

<div class=\\\"widget\\\" id=\\\"recentcomments\\\"><h2>Blog</h2></div>

loads off \\\\

sorry for the vag question before.

---

According to the manual mysql_real_escape_string

If magic_quotes_gpc is enabled, first apply stripslashes() to the data. Using this function on data which has already been escaped will escape the data twice.

You can go for a function like this (in case you don't want to use prepared statements)

function safe($input)
{
    if (get_magic_quotes_gpc())
    {
        $input   = stripslashes($input);
        $escaped = mysql_real_escape_string($input);
    }
    else 
    {
        $escaped = mysql_real_escape_string($input);
    }

    return $escaped;
}

There's no need to call stripslashes() on output if SQL escaping is done properly

---

You have your data escaped twice before it gets inserted into database.

You have to find what causing this, and turn off excessive escaping.

It could be magic_quotes_gpc setting.
In this case you have to turn off this setting in the PHP configuration.
And add a code that checks get_magic_quotes_gpc() result and strips slashes from all superglobal arrays.

if magic quote are certainly turned on,
It could be also just mysql_real_escape_string/addslashes being called twice in your code. You have to search your code for this and get rid of one which is called earlier than anaother

---

Thanks for the replies got it working with the following.

<?php echo htmlentities(stripslashes($head_text)); ?>

needed them both