
file 1/ querydb.html------------------------------------
...


<...name='query' ...>$query<...


file 2/ querydb.php----------------------------
...
$query = "$_POST[query]";
$query = stripcslashes($query);
mysql_query($query, $conn)or die(mysql_error());


If I POST any $query with (') from file 1
ex. $query="update subscribers set name='theo' where..."

it will be received by file 2 like
$query = $_POST[query]="update subscribers set name=\'theo\' where..."

and then stripcslashes($query)="update subscribers set name='theo' where..."

If the query is not correct
(ex: ...("updata subscribers set name='theo' where...")
It will not be executed and there will be no
return of mysql_error().

But----------------------------------------------------------
If I pull out of the code the line
$query = stripcslashes($query);
then the query of course is not correct and will not be executed
(ex: ..."update subscribers set name=\'theo\' where...")
but
this code RETURNS the mysql_error().

Thank you for reading

2006-07-02 08:05:07 · 1 answers · asked by anandsamyo 1 in Computers & Internet Programming & Design

1 answers

What is the MySQL error you are receiving? A better way to prevent SQL injection for this sort of thing is to use PDO as a database abstraction layer (www.php.net/PDO/). Using PDO you would just do:
$query = "UPDATE subscribers SET name = :name WHERE...";
$stmt = $connection->prepare($query);
$stmt->execute(array(":name" => $name));

2006-07-02 08:14:58 · answer #1 · answered by John J 6 · 0 0
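
The prepared-statement approach from the answer as a runnable sketch; this is an added example, not part of the original question or answer. It assumes PHP 7+ with the pdo_sqlite driver and an in-memory table, and the `id` column and `renameSubscriber()` helper are hypothetical because the page's WHERE clause is elided.

```php
<?php
// Added example with constructed data. The "id" column and renameSubscriber()
// are assumptions: the WHERE clause on the page is elided.
$pdo = new PDO('sqlite::memory:');
// Surface SQL errors as exceptions instead of failing silently.
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

$pdo->exec('CREATE TABLE subscribers (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO subscribers (id, name) VALUES (1, 'old name')");
$pdo->exec("INSERT INTO subscribers (id, name) VALUES (2, 'untouched')");

// The SQL text is fixed in the script; the request supplies only values.
function renameSubscriber(PDO $pdo, int $id, string $name): int
{
    $stmt = $pdo->prepare('UPDATE subscribers SET name = :name WHERE id = :id');
    $stmt->execute([':name' => $name, ':id' => $id]);
    return $stmt->rowCount(); // number of rows changed
}

// Constructed input standing in for $_POST['name'] and $_POST['id'].
// The apostrophe needs no addslashes()/stripcslashes() handling: it is bound
// as data and never parsed as SQL.
$changed = renameSubscriber($pdo, 1, "theo O'Neil");
echo "rows changed: $changed\n";

foreach ($pdo->query('SELECT id, name FROM subscribers ORDER BY id') as $row) {
    echo $row['id'], ': ', $row['name'], "\n";
}

// A malformed statement (the question's "updata" typo) now raises an error
// that can be logged, rather than disappearing.
try {
    $pdo->prepare("UPDATA subscribers SET name = :name WHERE id = :id");
} catch (PDOException $e) {
    error_log('SQL error: ' . $e->getMessage());
    echo "statement rejected\n";
}
```

Because the form submits only the name and id, the script no longer executes SQL text taken from the request, and the slash handling from the question is not needed.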
