I created a form that takes a block of text and inserts it into an SQL database. I kept getting SQL errors when the user used single quotes. I added the addslashes() function and everything worked out fine. But according to w3, php should already be doing this. Further, when I retrieve the text from the database, all the apostrophes are replaced with � character.
Does anyone know what's happening? I don't even know where to begin.
Thanks everyone.
mysql_escape_string() worked. For the record, addslashes() was turning apostrophes into backticks. The problem