Look, when I populate this data into my form
for an edit option I don't need to strip the slashes. But in my list
action, that catch the data in the same way of my edit option I have to
use stripslashes. So, my form do this to me, but not my view without
form.
My data is escaped as expected when inserting, and when editing the
slashes are striped as expected. Like I said, I don't have double
slashes. The issue is in my view list.phtml or in my view.phtml.
Do I have to use stripslashes in such case?
If not, where in Zend_Db_Table_Row_Abstract have an action to strip
slashes? I can't see it.
Hector Virgen [via Zend Framework Community] escreveu:
Normally you shouldn't have to strip slashes on data
coming out of the database. I think you'd be better off finding out why
the data is being escaped twice than trying to undo something that
shouldn't have been done in the first place (double-escaping).
Does the problem exist with code-created data, too, such as in
my example?
--
Hector
On Wed, Feb 24, 2010 at 6:08 PM, Keyne < [hidden email] > wrote:
I don't need to use addslashes, just stripslashes in my view.
public function insert($data)
{
$data = array(
'nome' => $data['nome'],
'email' => $data['email'],
'sobre' => $data['sobre']
);
return parent::insert($data);
}
But, there is a way to turn this task (stripslashes) automatic?
Hector Virgen wrote:
>
> How are you inserting that into the database? Here's one way to do
it that
> should work:
>
> $id = $db->insert('mytable', array(
> 'theString' => "I'm both entrepeneaur and..."
> ));
>
> Note that this method automatically builds the SQL and escapes the
values
> for me -- no need to use addslashes() or
mysql_real_escape_string().
>
> Also, have you verified that magic quotes is off? You can run this
code to
> check:
>
> Zend_Debug::dump(get_magic_quotes_gpc());
>
> --
> Hector
>
>
> On Wed, Feb 24, 2010 at 5:34 PM, Keyne < [hidden email] > wrote:
>
>>
>> I have the same issue. Magic quotes is off.
>>
>> My result looks like: "I\'m both entrepreneur and..."
>> The database row looks like this too: "I\'m both entrepreneur
and..."
>>
>> And to get the data I use $this->fetchAll()->toArray();
>>
>> Then I need to use stripslashes.
>>
>> What I need to do to avoid this?
>>
>>
>> Mark Steudel wrote:
>> >
>> > Have you looked to see if magic_quotes are on?
>> >
>> > On Wed, Feb 24, 2010 at 1:03 PM, Jurian Sluiman
>> > < [hidden email] > wrote:
>> >> On Sunday 21 Feb 2010 21:43:04 troels knak-nielsen
wrote:
>> >>> If that's the case, then you have double escaping
going on. The data
>> >>> should not contain the slash once it's in the
database. The point of
>> >>> adding the slash is to "protect" the data when
it's embedded in *the
>> >>> query*. That is also why you don't have to (and
indeed should not)
>> >>> unescape anything when reading from the database.
The slashes are
>> >>> *only* there because you're embedding data in a
query.
>> >>>
>> >>> Compare this with a string literal in php. Given
the following:
>> >>>
>> >>> echo "A \"double\" quote";
>> >>>
>> >>> Running this php code will output:
>> >>>
>> >>> A "double" quote
>> >>>
>> >>> That's because the *data* doesn't contain any
slashes. The slashes
>> are
>> >>> there so that the php parser can read the literal
string. Once they
>> >>> have been read into memory, the slashes are gone.
Same thing with
>> sql.
>> >>
>> >> (sorry for my late reaction)
>> >>
>> >> So actually it isn't the data *retrieval* but rather
the *insertion*
>> if
>> I
>> >> understand you right? The things I do are 99% from
the manual:
>> >>
>> >> * Database initialized by application resource (db
params: host,
>> >> username,
>> >> passwd, db name, isDefault = true)
>> >> * Data into model (My_Model_Name) and saves it into
mapper
>> >> (My_Model_NameMapper).
>> >> * Mapper has DbTable obj, My_Model_DbTable_Name and
extends
>> >> Zend_Db_Table_Abstract
>> >> * Data is saved through
Zend_Db_Table_Abstract::insert() or
>> >> Zend_Db_Table_Abstract::update() methods
>> >>
>> >> After calling the method the strings are in the
database like I said
>> (so
>> >> _with_ quotes). What's are the things I can look
after (php settings,
>> >> mysql
>> >> settings, system settings) to solve this problem?
>> >>
>> >> Thanks in advance,
>> >> Jurian
>> >> --
>> >> Jurian Sluiman
>> >> CTO Soflomo V.O.F.
>> >> http://soflomo.com
>> >>
>> >
>> >
>> >
>> > --
>> >
>> > -----------------------------------------
>> > Mark Steudel
>> > P: 206.375.7244
>> > [hidden email]
>> >
>> > . : Work : .
>> > http://www.mindfulinteractive.com
>> >
>> > . : Play : .
>> > http://www.steudel.org/blog
>> >
>> >
>>
>> --
>> View this message in context:
>>
http://n4.nabble.com/Escape-stripslashes-and-html-entities-tp1562340p1568393.html
>> Sent from the Zend Framework mailing list archive at
Nabble.com.
>>
>
>
--
View this message in context:
http://n4.nabble.com/Escape-stripslashes-and-html-entities-tp1562340p1568423.html
Sent from the Zend Framework mailing list archive
at Nabble.com.
View
message @
http://n4.nabble.com/Escape-stripslashes-and-html-entities-tp1562340p1568427.html
To unsubscribe from Re: Escape, stripslashes and html entities, click
here .
--
View this message in context:
http://n4.nabble.com/Escape-stripslashes-and-html-entities-tp1562340p1568443.html
Sent from the Zend Framework mailing list archive at Nabble.com.
