FuelPHP update of ORM results in " instead of " sporadically

Question

I'm using PHP 5.4.4 and I'm getting very strange behavior with the FuelPHP ORM save and update functions.

I'm trying to save either serialized or JSON data to a field in the database so something like {"name":"michael"}. When I use the model->save() directly after Model::forge() it seems to work fine 100% of the time and the string you see is the one that gets stored in the MySQL db.

However, if I immediately change something like model->property = 'new property' (not the JSON or serialized data property) and then do another model->save() it will 90% of the time turn all my " into &quot;

It seems that when I debug the issue and step through line by line, it will not reproduce this problem! It will make through the entire script and still have the correct " instead of &quot;

This problem is driving me nuts. I would assume its a configuration thing or there would be a lot more complaints, but I can't find the right switch. I've set both php_flag magic_quotes_gpc Off and php_flag magic_quotes_runtime Off in my .htaccess (although it shouldn't be needed in PHP 5.4+) and verified that both are false.

I'm out of ideas here. Anything to investigate would be really helpful.

Answer 1

Your ORM maybe using some sort of escape function to save your json string. This is a security feature to prevent sql injection attacks. Use a noSql solutions like MongoDB or CouchDB if you need to store json. Otherwise you'll need to cleanup your json strings after they come out of mysql and before you decode them.

http://dev.mysql.com/doc/refman/5.0/en/string-literals.html