Hi Till
yeah I have removed this line, just wanted to show what i was using before.
I have now turned off the magic quotes and all seems good.
Thanks again
--------------------------------------------------
From: "till" <[email protected]>
Sent: Monday, July 13, 2009 9:32 PM
To: "Muhammad Ali" <[email protected]>
Cc: "Bradley Holt" <[email protected]>; <[email protected]>
Subject: Re: [fw-general] Fw: $request->getParams() returns escaped data
On Mon, Jul 13, 2009 at 10:16 PM, Muhammad Ali<[email protected]> wrote:
Hi Bradley
Thank a lot for your answer you have saved me hours and injecting work
arounds :)
if(isset($postValues['title'])) $postValues['title'] =
stripslashes($postValues['title']);
That is a bad hack. Say you have a slash in it for real. Just get rid
off magic quotes, they shouldn't be used anywhere anyway.
Till
