Hello,
I had the same problem:
So I tried stripslashes..
But Queries do break if unslashed ' or " are present.
and furthermore, there are many other problems ..
So I created a function called "entities"..
Let's imagine a user
made an input of
name: Simon "The Snake"
surname: O'Connors
you can simply call the function like this:
entities($HTTP_POST_VARS);
and you'll have
echo $name;
// will produce: Simon "The Snake"
$surname =
// will produce: O'Connors
/*
=> $description = "book's description";
=> $title = "book's title ";
=> $arr = array("description"=>"$description","title"=>"$title");
=> entities($arr);
returns variables, but with entities and other things changed-
ie: $title = "book's title";
$description = "book's description";
or just simply:
entities($HTTP_POST_VARS) for variables passed from one page to another
*/
function entities($arr)
{
$arrct = count($arr);
for(reset($arr); $key = key($arr); next($arr))
{
global $$key;
$$key = htmlentities($arr[$key]);
$$key = stripslashes($$key);
$$key = str_replace("'","'",$$key);
$$key = str_replace('"',""",$$key);
}
}
It's basically something like
array_walk.
----- Original Message -----
From: "Richard Lynch" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, June 27, 2001 10:30 AM
Subject: Re: [PHP] Filtering out \ when a ' is user entered?
> > I'm pretty new to PHP but all I've seen of it so far I pretty much love!
> >
> > I've built a web log but when the user enters their data and they use '
> > or " (and you know they will) php always shows it from the included
> > web log as
> >
> > \' How can I filter out these backslashes so they don't appear on the
> > final public viewable page?
>
> You need those \ in there to store it into a database.
>
> If you don't use a database, you can turn MagicQuotes off in php.ini
>
> If you *do* use a database, you can use http://php.net/stripslashes to
strip
> out the slashes.
>
> If, after turning off MagicQuotes, or calling stripslashes, you find you
> need them back in there after all for something, you use http://addslashes
>
>
> --
> WARNING [EMAIL PROTECTED] address is an endangered species -- Use
> [EMAIL PROTECTED]
> Wanna help me out? Like Music? Buy a CD: http://l-i-e.com/artists.htm
> Volunteer a little time: http://chatmusic.com/volunteer.htm
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]