if (get_magic_quotes_gpc()) {
array_walk_recursive($_POST, 'stripslashes');
}
That seems to be a reasonable solution...
On Fri, 17 Feb 2006 10:03:29 -0600, Charles McNulty <[EMAIL PROTECTED]> wrote:
> Yup, what Mykeul said. PHP doesn't add slashes to *any* POST data, it
> adds it to any post data *if and only if* the magi_quotes_gpc settings
> is present and flagged to true. Therefore, I suggest code at the top of
> the program (probably in main.inc?) that runs through the POST and GET
> variables and strips slashes only if magic_quotes is turned on.
> Alternatively, we could add slashes if magic_quotes is not turned on and
> then strip them at output.
>
> There are several examples of code that do just that here:
>
> http://us3.php.net/manual/en/function.get-magic-quotes-gpc.php
>
> Dean Jones wrote:
>> Unless it's something I don't know about... However, PHP add's slashes
> to quote to any POST data. That's why PHP has a built in function called
> stripslashes and addslashes. You're supposed to run stripslashes on any
> POST data that is to be displayed, really...
>>
>> On Fri, 17 Feb 2006 16:36:55 +0100, Mykeul <[EMAIL PROTECTED]> wrote:
>>> It is the magic_quotes problem, isnt it ?
>>>
>>>
>>> On 2/17/06, Dean Jones <[EMAIL PROTECTED]> wrote:
>>>> Umm... That's silly. They're definitely needed. Try sending an
> e-mail
>>>> and put quotes around something or use a single quote. The message
> ends
>>> up
>>>> like this:
>>>>
>>>> He said \"Hi\"
>>>>
>>>> and
>>>>
>>>> Wouldn\'t you like to know.
>>>>
>>>>
>>>> Using stripslashes removes those uneccessary escape slashes around
>>> quotes.
>>>> It's absolutely needed.
>>>>
>>>>
>>>>
>>>> On Fri, 17 Feb 2006 10:08:41 +0100, Håkan Lindqvist
>>> <[EMAIL PROTECTED]>
>>>> wrote:
>>>>> I don't understand why it should be necessary to use stripslashes in
>>> the
>>>>> first place. The slashes shouldn't be there in the first place,
> except
>>>>> in SQL queries.
>>>>>
>>>>> To me it seems that stripslashes isn't what we're looking for.
>>>>>
>>>>>
>>>>> /Håkan
>>>>>
>>>>> On tor, 2006-02-16 at 22:47 -0500, Dean Jones wrote:
>>>>>> Look like someone forgot to use stripslashes on the subject and body
>>> of
>>>>> the
>>>>>> messages... :)
>>>>>>
>>>>>> Is there a standard for checking in patches if you have access to
>>> CVS?
>>>>> I've
>>>>>> fixed this, but I wanted to check and see what the procedure was for
>>>>> checking
>>>>>> in small fixes like this.
>>>>>>
>>>>>> Dean
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>
>>
>>
>>
