ID: 39859
Updated by: [EMAIL PROTECTED]
Reported By: niraj6 at yahoo dot com
-Status: Open
+Status: Wont fix
Bug Type: Documentation problem
Operating System: Windows XP SP2
PHP Version: Irrelevant
New Comment:
The behavior of keys escaping changed between PHP versions.
Previous Comments:
------------------------------------------------------------------------
[2006-12-17 20:19:25] niraj6 at yahoo dot com
Description:
------------
PHP's magic quotes function has the strange behavior of not adding
slashes to top level keys in GPC key/value pairs but adding the slashes
in deeper level keys. To demonstrate, a URI of:
example.php?a'b[c'd]=e'f
produces:
array("a'b" => array("c\'d" => "e\'f"))
The current example for removing magic quotes does not do anything to
keys, so after running stripslashes_deep, you would end up with:
array("a'b" => array("c\'d" => "e'f"))
Which, needless to say, is wrong. As if you had magic quotes off, it
would have been:
array("a'b" => array("c'd" => "e'f"))
I have written a snippet of code compatible with PHP 4.0.0 and above
that handles this correctly:
if (get_magic_quotes_gpc()) {
function undoMagicQuotes($array, $topLevel=true) {
$newArray = array();
foreach($array as $key => $value) {
if (!$topLevel) {
$key = stripslashes($key);
}
if (is_array($value)) {
$newArray[$key] = undoMagicQuotes($value,
false);
}
else {
$newArray[$key] = stripslashes($value);
}
}
return $newArray;
}
$_GET = undoMagicQuotes($_GET);
$_POST = undoMagicQuotes($_POST);
$_COOKIE = undoMagicQuotes($_COOKIE);
$_REQUEST = undoMagicQuotes($_REQUEST);
}
Perhaps you should replace the example in the manual with my code
snippet. Oh and I have left a comment there too for users who visit the
page before you guys fix it. So someone could delete that once it's
fixed.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=39859&edit=1
