Index: mysql-real-escape-string.xml
===================================================================
RCS file: /repository/phpdoc/en/reference/mysql/functions/mysql-real-escape-string.xml,v
retrieving revision 1.27
diff -u -r1.27 mysql-real-escape-string.xml
--- mysql-real-escape-string.xml	18 Jan 2007 20:36:11 -0000	1.27
+++ mysql-real-escape-string.xml	18 Apr 2007 16:04:56 -0000
@@ -134,18 +134,23 @@
 
     } else {
         
-        // Reverse magic_quotes_gpc effects on those vars if ON.
+        // Reverse magic_quotes_gpc/magic_quotes_sybase effects on those vars if ON.
 
         if(get_magic_quotes_gpc()) {
-            $product_name        = stripslashes($_POST['product_name']);
-            $product_description = stripslashes($_POST['product_description']);
+            if(ini_get('magic_quotes_sybase')) {
+                $product_name        = str_replace("''", "'", $_POST['product_name']);
+                $product_description = str_replace("''", "'", $_POST['product_description']);
+            } else {
+                $product_name        = stripslashes($_POST['product_name']);
+                $product_description = stripslashes($_POST['product_description']);
+            }
         } else {
             $product_name        = $_POST['product_name'];
             $product_description = $_POST['product_description'];
         }
 
         // Make a safe query
-        $query = sprintf("INSERT INTO products (`name`, `description`, `user_id`) VALUES ('%s', '%s', '%d')",
+        $query = sprintf("INSERT INTO products (`name`, `description`, `user_id`) VALUES ('%s', '%s', %d)",
                     mysql_real_escape_string($product_name, $link),
                     mysql_real_escape_string($product_description, $link),
                     $_POST['user_id']);