<?php
$link = mysql_connect('localhost', 'root', 'root')
OR die(mysql_error());
mysql_select_db('autos') or die('no db');
$bookName = "O'relly";
$user = addslashes($bookName);
$query = "INSERT INTO makes VALUES(null, '{$user}')";
mysql_query($query) OR die(mysql_error());
var_dump($user);
?>
Var dump output is string 'O\'relly' (length=8) But in DB stored as 'O'relly
Looks like Mysql strip slashes before insert in DB. It's true?