What are your settings for magic_quotes?


in your php.ini.

magic_quotes_gpc will automagically addslashes() to incoming GET, POST, and
COOKIE data. So you don't need to do it yourself. The defaults to On.

magic_quotes_runtime will autmagically addslashes() to data retrieved from a
database. This defaults to Off.

Also, note that you DO NOT have to stripslash data that comes out of a
database just because you used addslashes() on it when you inserted it. If
you have a string like "What's up with the " character" and you use
addslashes() on it (either automatic with magic_quotes, or manually), then
you'll have the string "What\'s up with the \" character" When you insert
that into the database, the \ character tells the database that the
character after it should be taken as a literal character and not the end of
the string. The actual \ doesn't go into the database. If you are seeing the
\ in your database, then  you are running addslashes() twice on your data.


---John Holmes...

----- Original Message -----
From: "Trond Arve Nordheim" <[EMAIL PROTECTED]>
Sent: Wednesday, June 05, 2002 6:59 AM
Subject: [PHP] Unexpected addslashes/stripslashes-behaviour?

> I'm just having a little problem using addslashes/stripslashes here, and
> wondering if this actually is the expected behaviour:
> I get text from a form post, let's say "This sucks :\".
> I do $text = addslashes($_POST["fieldname"]); and stick $text in a DB.
> When I pull the text back out, and run stripslashes on the text, the
result is:
> "This sucks :".. the \ is gone...
> Is it supposed to do this? As far as I've seen I need stripslashes on data
> a DB already addslashed... so.. what's going on?
> --
> Trond Arve Nordheim
>  - "This message has been ROT13-encrypted twice for extra security"
> -------------------------------------------------
> This mail sent through IMP: http://horde.org/imp/
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to