Dodajanje \ pri inputu

Lep pozdrav,

pri selitvi projekta na RPI mi comment box pred znakoma " in ' postavi \.
Data je corruptan že pred uvozom v database, sem preveril..
Če kaj pomaga, pred refreshom strani pokaže \\\" ali \\\', po refreshu pa \' ali \". V databasu ostane druga oblika.
Vem, da bi bilo pametneje uporabiti mysqli, a z mysql funkcijami deluje kot mora..

<?php 

ini_set("display_errors",1); 
error_reporting(E_ALL); 

require_once MODELS_DIR . 'subscribers.php';

class Comments {


	public static function getComments(  )
	{
		$output = null;
	
		$sql = "select * from comments order by comment_id desc";
		
		$query = mysql_query( $sql );
		
		if( $query )
		{
			$output = array();
			if( mysql_num_rows( $query ) > 0 )
			{
			
				while( $row = mysql_fetch_object( $query ) )
				{
					$output[] = $row;
				}
			
			}
		}
		
		return $output;
		
	}
	//return stdClass Object from the database
	public static function insert( $comment_txt , $userId )
	{
		//insert data into the database
		
		$comment_txt = mysql_real_escape_string( $comment_txt );
		
		$sql = "insert into comments values( '' , '$comment_txt' , '$userId' )";
		
		

		$query = mysql_query( $sql );
		
		if( $query )
		{
			$insert_id = mysql_insert_id();
			
			$std = new stdClass();
			$std->comment_id = $insert_id;
			$std->comment = $comment_txt;
			$std->userId = (int)$userId;		
			
			return $std;
			
		}
		
	
		return null;
	
	}
	

	public static function update( $data )
	{
	
	}
	
	public static function delete( $commentId )
	{
		$sql = "delete from comments where comment_id=$commentId";
		
		$query = mysql_query( $sql );
		
		if( $query )
		{
			return true;
		}
		
		return null;
	}


}

?>

<?php if( isset( $GLOBALS['comments'] ) && is_array( $comments ) ): ?>

<?php foreach( $comments as $key => $comment ): ?>


<?php $user = Subscribers::getSubscriber( $comment->userId ); ?>	
	
	<li class="comment-holder" id="_<?php echo $comment->comment_id; ?>">
	<div class="user-img">
		<img src='<?php echo $user->profile_img; ?>' class="user-img-pic"/>
	</div>
	<div class="comment-body">

			<h3 class="username-field">
			<?php echo $user->first_name?> <?php echo $user->last_name; ?>
			</h3>
			
		<div class="comment-text">
		<?php echo $comment->comment; ?>
		</div>
	</div>
	<?php if( $UserId == $comment->userId ): ?>
	<div class="comment-buttons-holder">
		<ul>
			<li id="<?php echo $comment->comment_id ?>" class="delete-btn">x</li>
		</ul>
	</div>
	<?php endif; ?>
	</li>
	<?php endforeach; ?>
	<?php endif; ?>

<?php 

	require_once $_SERVER['DOCUMENT_ROOT'] . '/defines.php';

	if( isset( $_POST['task'] ) && $_POST['task'] == 'comment_insert' )
	{
		require_once $_SERVER['DOCUMENT_ROOT'] . '/defines.php';
		$userId = (int)$_POST['userId'];
		$comment = mysql_real_escape_string( str_replace( "\n" , "<br>" , $_POST['comment'] ) );
		
		$std = new stdClass();
		$std->user = null;
		$std->comment = null;
		$std->error = false;
		
		require_once MODELS_DIR . 'comments.php';
		
		if( class_exists( 'Comments' ) && class_exists( 'Subscribers' ) )
		{	
			
			$userInfo = Subscribers::getSubscriber( $userId );
			
			if( $userId == null )
			{
				$std->error = true;
			}
			
			$commentInfo = Comments::insert( $comment , $userId );
			
			if( $commentInfo == null )
			{
				$std->error = true;
			}
			
			
			$std->user = $userInfo;
			$std->comment = $commentInfo;
			
		}
		
		echo json_encode( $std );
		
	
	}
	else
	{
		header('location: /');
	}


?> 

<?php


session_start();
$connect = @mysql_connect("localhost","root","pass" ) or die("this error");
mysql_select_db("comment_box")or die("filed to connect database");

if(isset($_SESSION['userName'])){
	
	$userName = $_SESSION['userName'];
	$password = $_SESSION['password'];
	$query = mysql_query("select * from subscribers where userName='$userName' and password='$password'  limit 1");
	
	while($row = mysql_fetch_assoc($query)){
		
		$fname1 = $row['userId'];
		$fname2 = $row['userName'];
		$fname3 = $row['first_name'];
		$fname4 =  $row['last_name'];
	}
	

	

}else{

header("Location: user_login.php");		
}



?>
<?php 

if(!isset($_SESSION["userName"])){
	header("location:login.php");
} else {
?>

<?php require_once $_SERVER['DOCUMENT_ROOT'] . '/defines.php'; ?>
<?php require_once MODELS_DIR . 'comments.php';

	$UserId = $fname1

?>
<html>
	<head>
		<title></title>
		<link rel="stylesheet" href="css/styles.css">
		<link href="css/layout.css" rel="stylesheet">
		<script type="text/javascript" src="js/jquery.js"></script>
		<script type="text/javascript" src="js/comment_insert.js?t=1414315248"></script>
		<script type="text/javascript" src="js/comment_delete.js?t=1414315248"></script>
		<script src="http://jwpsrv.com/library/kPeNbr6CEeOE1CIACrqE1A.js"></script>
		<link rel="shortcut icon" href=".../logo.png">
		<script type="text/javascript">
		<!--
		if (screen.width <= 800) {
		document.location = "/index8.php";
		}
		//-->
		</script>
	</head>
		<body>
		
			<div class="wrapper">
				<center>
				<div id="cssmenu" class="align-center">
				<ul>
				   <li class="active"><a href="index2.php">Home</a></li>
				   <li><a href="index3.php">About</a></li>
				   <li><a href="index4.php">Contact</a></li>
				</ul>
				</div>
				</center>	
				<div style="position:relative; overflow:hidden; left:30px; top:30px; width:693px; height:360px; z-index:0">
				<center>
					<script src="http://jwpsrv.com/library/kPeNbr6CEeOE1CIACrqE1A.js"></script>
					<div id=''></div>
					<script type='text/javascript'>
						jwplayer('').setup({
							file: '',
							image: '',
							title: '',
							width: '635',
							height: '365',
							aspectratio: '16:9'
						});
					</script>
				</center>
			</div>
			<div class="page-data">
				
			</div>
			<div class="comment-wrapper">
				<h3 class="comment-title">
				Welcome, <?php echo $fname3 ?> <?php echo $fname4 ?>! <a href="logout.php" style="text-decoration:none; color:#0099FF;">Logout</a>
				</h3>
				
				<div class="comment-insert">
					<h3 class="who-says"><span>Says: </span><?php echo $fname3 ?> <?php echo $fname4 ?></h3>
					<input type="hidden" id="userId" value="<?php echo $fname1 ?>">
					<input type="hidden" id="userName" value="<?php echo $fname2 ?>">
					
					<div class="comment-insert-container">
					<textarea id="comment-post-text" class="comment-insert-text"></textarea>
					</div>
					<div id="comment-post-btn" class="comment-post-btn-wrapper">
						Post
					</div>
				</div>
				<div class="comments-list">
					<ul class="comments-holder-ul">
					<?php $comments = Comments::getComments(); ?>
					<?php require_once 'includes/comment_box.php' ;?>
										
							
						</ul>
					</div>
				</div>
			</div>
		</body>
<?php
}
?>

Sem dodal

; Magic quotes
;
; Magic quotes for incoming GET/POST/Cookie data.
magic_quotes_gpc = Off
; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
magic_quotes_runtime = Off
; Use Sybase-style magic quotes (escape ' with '' instead of \').
magic_quotes_sybase = Off
extension=pdo.so
extension=pdo_mysql.so

v /etc/php5/apache2/php.ini file in še vedno ostaja enako..

php -v da output PHP 5.6.29-0+deb8u1
Kaj niso magic quotesov removali že okoli php 5.4?
phpinfo kateri del naj postam?

//insert data into the database
		
		$comment_txt = mysql_real_escape_string( $comment_txt );
		

kaj pa ta del?

Sem rešil

Sem rešil z removanjem addslashes, a zdaj mi ne spusti skozi znaka '. Če uporabim npr. '' gre skozi, če pa je kjekoli v besedilu en sam ' ne gre.

Error message:

Cannot read property 'comment_id' of null.
at comment_insert (comment_insert.js?t=1414315248:81)
at Object.<anonymous> (comment_insert.js?t=1414315248:50)
at j (jquery.js:1)
at Object.fireWith [as resolveWith] (jquery.js:1)
at x (jquery.js:3)
at XMLHttpRequest.b (jquery.js:3)

JS:

$( document ).ready( function(){

	//this will fire once the page has been fully loaded
	
	$( '#comment-post-btn' ).click( function(){ 
		comment_post_btn_click();
	});
});


function comment_post_btn_click()
{

//Text within textarea which the person has entered
	var _comment = $( '#comment-post-text' ).val();
	var _userId = $( '#userId' ).val();
	var _userName = $( '#userName' ).val();
	var _first_name = $( '#first_name' ).val();
	var _last_name = $( '#last_name' ).val();
	
	
	if( _comment.length > 0 && _userId != null )
	{
		//proceed with our ajax callback
		$('.comment-insert-container').css( 'border' , '1px solid #e1e1e1' );  
		
		$.post( "ajax/comment_insert.php" ,
			{
				task : "comment_insert",
				userId : _userId,
				comment : _comment,
				userName : _userName,
				first_name : _first_name,
				last_name : _last_name,
				
			}	
		)
		.error(
	
			function(  )
			{
				console.log( "Error:" );
			})
		.success(
		
			function( data )
			{
				//Seccess
				//Task Insert html into the ul/li
				comment_insert( jQuery.parseJSON( data ) );
				console.log( "ResponseText:" + data );
			}
		);
		
		
		
		
		console.log( _comment + "UserName: " + _userName + "User Id" + _userId );
	}
	else
	{
		//the textarea is empty, lets put a border of red on it
		//in a second
		$('.comment-insert-container').css( 'border' , '1px solid #ff0000' );  
		console.log( "The text area was empty" )
	}
	
	
	
	//remove the text from the textarea, ready for another comment
	//possibly
	$( '#comment-post-text' ).val("");
	

}


function comment_insert( data )
{
	var t = '';
	t += '<li class="comment-holder" id="_'+data.comment.comment_id+'">';			
	t += '<div class="user-img">';
	t += '<img src="'+data.user.profile_img+'" class="user-img-pic"/>';
	t += '</div>';
	t += '<div class="comment-body">';
	t += '<h3 class="username-field">'+data.user.first_name+' '+data.user.last_name+'</h3>';
	t += '<div class="comment-text">'+data.comment.comment+'</div>';
	t += '</div>';
	t += '<div class="comment-buttons-holder">';
	t += '<ul>';
	t += '<li id="'+data.comment.comment_id+'" class="delete-btn">x</li>';
	t += '</ul>';
	t += '</div>';
	t += '</li>';
	
	$( '.comments-holder-ul' ).prepend( t );
	add_delete_handlers();

}