[CLUE-Tech] PHP escaping characters
Jeffery Cann
fabian at jefferycann.com
Fri Mar 1 18:54:19 MST 2002
Jed,
Have a look at the magic_quotes_* configuration variable for php. This
config variable is where you control such things like escaping of characters.
In particular, I think you need to turn on magic_quotes_sybase to stop the
escaping of apostrophes. For details:
http://www.php.net/manual/en/configuration.php
The suggested stripslashes() will work too, but why write code when you can
do it with a configuration change? :-p
Jeff
On Friday 01 March 2002 05:44 pm, Jed S. Baer wrote:
> Greetings.
>
> I have this "one-script" php generated HTML form. Pretty simple stuff.
> What happens is that if I enter a name in the name text field, like
> "Duncan O'Malley", it gets changed to "Duncan O\'Malley".
>
> It happens regardless of whether I do a get or post method. I thought any
> special characters were supposed to just get URL encoded, and magically
> renoberated back to whatever they were on either end.
>
> I tried fixing this using the htmlspecialchars function, but that didn't
> work, presumably because the apostrophe has already been escaped at that
> point.
>
> The form is contained in a string variable in the script:
>
> $xform = "
> // snip
> <input type=\"text\" name=\"yourname\"
> size=\"40\" maxlength=\"40\"
> value=\"$yourname \"
>
> // snip
> ";
>
> so the first time it's called, $yourname is blank, and if the form gets
> redisplayed because of validation errors, what was there is retained.
>
> TIA
> jed
More information about the clue-tech
mailing list