Displaying Code Snippets Properly Without Escape Characters

I have a PHP script that stores my code snippets. To insert, I use:

$snippet_code = mysqli_real_escape_string($conn,trim($_POST['snippet_code']));

To display, I use the following which is wrapped in a pre tag:

$snippet_code = htmlentities($row['SnippetText']);

I notice that sometimes I get a lot of escape characters like \\\\ when the snippet is displayed on the page. The escape characters are present wherever single or doub开发者_运维知识库le quotes appear in the code. The problem seems to be more severe in non-English language browsers.

How can I properly do this? How can I properly store and display code on a page?

Assuming you mean slash escape sequences like \", and not HTML escape sequences like & try this:

$snippet_code = htmlentities(stripslashes($row['SnippetText']));

If it is actually HTML escapes causing you trouble, just omit the htmlentities call.

If you are getting ' converted to \', your server is probably configured with a legacy option called Magic Quotes. You can read about it in the PHP manual. My advice is to disable them if possible.

Also, check your database. It's possible that your current data is corrupted. If so, you can write a small script thay uses stripslashes() to fix it.

From your comments, it seems that you are in fact talking about slashes found before quotes.

It's not clear from the limited information you've given us why non-English browsers would show more of these.

However, it is likely that these slashes should not be present in the first place. Perhaps you are running mysql_real_escape_string several times, instead of just once... but, again, nothing you've shown us indicates that.

Either way, you should fix the data in the database and not just hack around the issue on display.