erawlins

This all makes a lot of sense. I think I know enough to proceed now. Thanks for all the help!

Thanks, that makes sense. But why am I getting so *many* backslashes -- three, to be exact? I am including this cookie string in a SQL statement, and MySQL doesn't like it at all. I can't stripslashes because the SQL parameter may actually have a quote in it and require a backslash -- for example, "select * from customer where last_name = 'O\'Neill'". Will that work if there are 3 slashes instead of one?

I am creating a web site using PHP, and need to pass certain strings via a cookie. I use setcookie() to store the cookie and $_COOKIE[] to retrieve it. All goes well until the stored string contains a backslash (\) or a single or double quote. In that case, when I retrieve the cookie it comes with 3 extra backslashes. Example: I store Sam's and I get back Sam\\\'s I store Sam\'s and I get back Sam\\\\\\\'s This does not happen when I test locally on my own machine; it only started happening when I moved the site over to TCH for beta testing. I can't strip the backslashes out of the retrieved string, because sometimes I put a backslash in myself, as in the second example. I can't use setrawcookie() because it plain forbids such characters in the first place. Tech support at TCH has declined to help or advise me. What's going on here, and what can I do about it?