I need to enter a string into my database; this string may contain this character: '. I wasn't able to enter it until I used the addslashes() function. However, when trying to display the string manipulated with addslashes() later to the user, it appears with the slash:
$this->adresse=addslashes($this->adresse);//example : L'Arc
When trying to display it later I got: L\'Arc
For inserting into the database I use PDO, like this:
$req=$bdd->prepare('Insert into ...
Can you please help me? I want to prevent this character ' in the query, but on the other side I don't want the \ to be shown with the string.
$str = addslashes("dsa'ds'a''''ds'a'ds");
var_dump($str);                // with slashes
var_dump(stripslashes($str));  // without slashes
addslashes goes in pair with stripslashes.
Also experiment with '' (two single quotes one after the other); some string replacement might be needed.
addslashes shouldn't be necessary and shouldn't be used when interacting with a database. Preferred over addslashes is whatever quote function the DB driver provides. Preferred over quote functions are prepared statement parameters, which will prevent injection attacks. Moreover, you can't forget parameters, while you can forget to quote. For example:
$thing = new StdClass;
$thing->foo = 'bar';
$thing->addresse = 'anywhere';
$req = $bdd->prepare('INSERT INTO table (addresse, foo) VALUES (:addresse, :foo)');
$req->execute((array) $thing);
Not that casting an object to an array and passing that to execute is appropriate for your DAL.
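The following is an added example, not code from the question or either answer, that runs the point of both answers end to end: a value containing a single quote is stored through a bound PDO parameter and read back unchanged, and the same value passed through addslashes() first comes back with the backslash stored as data (the L\'Arc symptom). It assumes an in-memory SQLite database and a made-up table `client` with a column `adresse`; the sample inputs are constructed for the example.

```php
<?php
// Added example (not from the original post): single quotes in data are
// handled by PDO prepared-statement parameters, with no addslashes().
// Assumptions: in-memory SQLite, and a hypothetical table `client(adresse)`.
$bdd = new PDO('sqlite::memory:');
$bdd->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$bdd->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
$bdd->exec('CREATE TABLE client (id INTEGER PRIMARY KEY, adresse TEXT NOT NULL)');

// Constructed sample inputs: the value from the question, a value with two
// consecutive quotes, and a classic injection payload.
$inputs = [
    "L'Arc",
    "O''Brien",
    "x'); DROP TABLE client; --",
];

// The SQL text never contains the user value; the driver sends it separately,
// so a quote inside the value is data, not syntax.
$insert = $bdd->prepare('INSERT INTO client (adresse) VALUES (:adresse)');
foreach ($inputs as $adresse) {
    $insert->execute([':adresse' => $adresse]);
}

// Read back: every stored value must equal what was passed in, byte for byte.
$stored = $bdd->query('SELECT adresse FROM client ORDER BY id')
              ->fetchAll(PDO::FETCH_COLUMN);
if ($stored !== $inputs) {
    throw new RuntimeException('Round trip through bound parameters altered the data');
}
foreach ($stored as $adresse) {
    echo $adresse, PHP_EOL;   // each line shows the original value, no backslash
}

// For contrast: addslashes() on top of a bound parameter double-escapes.
// The backslash becomes part of the stored value, which is exactly the
// unwanted L\'Arc the question describes.
$insert->execute([':adresse' => addslashes("L'Arc")]);
$last = $bdd->query('SELECT adresse FROM client ORDER BY id DESC LIMIT 1')
            ->fetchColumn();
if ($last !== "L\\'Arc") {
    throw new RuntimeException('Expected addslashes() to leave a literal backslash in the data');
}
echo 'With addslashes(): ', $last, PHP_EOL;
```

The round-trip check is the practical test to keep in mind: with parameters, the value you read back is the value you wrote, so there is nothing to stripslashes() on output. If you still see a backslash after switching to parameters, something upstream is escaping the value before it reaches execute().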