This same problem was ruining some client-side JavaScript I was putting in an ez-page. I found out why this happens too. That old enemy stripslashes() is the culprit and it's being called without first seeing if get_magic_quotes_gpc() is true.
The state of Magic quotes should never be assumed and its use is condemned anyway. I think the same problem arises elsewhere too.
You can fix it by correcting the second line of zen_db_prepare_input() (about line line 83 of database.php):
Code:
return trim(get_magic_quotes_gpc() ? stripslashes($string) : $string);
Bookmarks