I am trying to safely add a post but I wont to be able to add apostrophes for words like don't. When I use the code below, it adds it into the database like "don\t" but when I want to display it I only want it to show "don't". Looking around many people are saying you dont need to do anything more just call it from the database and others are saying do other things. Clearly I can not just leave it because it is still showing as "don\t"
$stmt = db::connect()->prepare("INSERT INTO Posts (postedByUserID, postTitle, postCatID, postDate, postContent) VALUES ( ?, ?, ?, ?, ?)");
$stmt->bind_param('isiss', $inUserID, mysql_real_escape_string($inPostTitle), $inPostCatID, $postDate, mysql_real_escape_string($inPostContent));
$stmt->execute();
As I understand it - you don't need to escape it if you are using bind_param style input to the database. It will escape it for you - in essence you've escaped it twice?