Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

html/php form escaping quotes

  • 18-09-2007 05:29PM
    #1
    Goodshape
    Registered Users, Registered Users 2 Posts: 8,488 ✭✭✭


    I've got a simple HTML form passing information to an even simpler PHP script. At the moment I'm just trying to figure out why my quotes (' and ") are being escaped (i.e. \' and \") without my say-so.

    Form page : 
    <p><label for="edition_comments">Comments </label><textarea id="edition_comments" name="edition_comments"></textarea></p>

    Processing page : 
    $comments = $_POST['edition_comments'];
echo $comments;

    Without any additional input from me (afaik), entering something like that's in the form comes through as that\'s on the other end.

    Anyone have any ideas? Thanks.


Comments

  • #2
    forbairt
    Registered Users, Registered Users 2 Posts: 3,594 ✭✭✭forbairt


    By default php has magic quotes switched on

    try the following in a php file 
    echo get_magic_quotes_gpc();

    a 1 means its on ...

    if you don't want it on .. go into you php.ini file and find magic_quotes_gpc = On
    and change it to magic_quotes_gpc = Off

    BTW I'd leave it on if I were you ...

    Its a safety feature to try stopping sql injection attacks ...

    there's a function called stripslashes() you can use to remove them


  • #3
    Goodshape
    Registered Users, Registered Users 2 Posts: 8,488 ✭✭✭Goodshape


    Indeed it is a '1'.

    Cheers for that :)


Advertisement