rynox
10-14-2004, 03:41 PM
I'm trying to take a user-inputted string and insert into a database. So when I'm building the query in PHP, I want to replace a single quote ' with two-single quotes '' (not a double quote) so that SQL can parse the query correctly. Sounds simple, but I keep getting strange results. Here is the code in question:
...str_replace("'","''",$_POST['Title'])...
For example, when the $_POST['Title'] variable = Ptty 359 Won't Boot
The resulting string is:
Ptty 359 Won\''t Boot
Why is PHP so kind as to add the slash in there? It's causing my SQL query to bomb. Help, I'm pulling my hair out.
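An added example, not part of the original post: it reproduces the reported string on the assumption that the server had PHP's magic_quotes_gpc setting enabled (the default in PHP 4, removed in PHP 5.4), then stores the title through a bound parameter so no manual quote handling is needed. The in-memory SQLite database (needs the pdo_sqlite extension) and the tickets table are stand-ins for the poster's real database.

```php
<?php
// Constructed input: the title exactly as the user typed it in the form.
$typed = "Ptty 359 Won't Boot";

// Assumption: magic_quotes_gpc is on, so PHP has already applied the
// equivalent of addslashes() to every $_POST value before the script runs.
$posted = addslashes($typed);

// Doubling the quote on top of that leaves the backslash in place and
// yields the string shown in the post.
$doubled = str_replace("'", "''", $posted);
printf("after magic quotes : %s\n", $posted);
printf("after str_replace  : %s\n", $doubled);

// Step 1: undo the automatic escaping to get the real user input back.
$raw = stripslashes($posted);

// Step 2: pass the raw value as a bound parameter. The driver keeps data
// separate from the SQL text, so the quote cannot end the string literal
// and no str_replace() or addslashes() call is involved.
$db = new PDO('sqlite::memory:');                       // hypothetical stand-in database
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tickets (id INTEGER PRIMARY KEY, title TEXT)');

$insert = $db->prepare('INSERT INTO tickets (title) VALUES (:title)');
$insert->execute([':title' => $raw]);

// Read the row back and confirm it matches what the user typed.
$stored = $db->query('SELECT title FROM tickets')->fetchColumn();
printf("stored in database : %s\n", $stored);
printf("round trip intact  : %s\n", $stored === $typed ? 'yes' : 'no');
```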