Ok...like, I said...pretty simple.
Now, when I run this on my local machine, I enter:
we'll
in the textarea and when I submit the form, I get:
we'll
However, when I run this form on my webhost, I enter:
we'll
in the textarea and when I submit the form, I get:
we\'ll
Somehow a slash was added before the tick mark. Is this some
configuration option? Does it have to do with how PHP is configured on
the webhost? Does it have something to do with how Apache is configured
on the webhost? Any idea how the slash got there?
I'm just finding this rather odd and hoping to get an explanation.
If it is easily explained, is the best way to get rid of the extra slash
marks to call stripslashes()?
If you want to see it in action on the webhost, just visit:
<?PHP
echo "<html><head><title>hello</title></head>";
echo "<body bgcolor=#eeeeee>";
if ( isset( $_POST['body'] ) )
{
echo $_POST['body'] . "<br>";
}
else
{
echo "No body var<br>";
}
echo "<form name=ContactPlayers method=post action=\"index.php\">";
echo "<textarea cols=80 name=body rows=12></textarea>";
echo "<br>";
echo "<p><input type=submit name=submit value=Send>";
echo " ";
echo "<input type=reset></p>";
echo "</form>";
echo "</body></html>";
?>
>However, when I run this form on my webhost, I enter:
> we'll
>in the textarea and when I submit the form, I get:
> we\'ll
>
>Somehow a slash was added before the tick mark. Is this some
>configuration option? Does it have to do with how PHP is configured on
>the webhost? Does it have something to do with how Apache is configured
>on the webhost? Any idea how the slash got there?
It's the misguided PHP configuration option "magic_quotes_gpc".
http://uk2.php.net/manual/en/security.magicquotes.php
This should be Off. Sounds like it's On on your webhost.
If you have permissions, you may be able to disable it in a .htaccess file.
Otherwise you'll have to mess around checking whether it's on or off, and if
it's on, use stripslashes() on the data, which is fairly ridiculous.
--
Andy Hassall :: an...@andyh.co.uk :: http://www.andyh.co.uk
http://www.andyhsoftware.co.uk/space :: disk and FTP usage analysis tool
> On Mon, 27 Feb 2006 21:11:07 GMT, egus...@verizon.net (Eric) wrote:
>
> >However, when I run this form on my webhost, I enter:
> > we'll
> >in the textarea and when I submit the form, I get:
> > we\'ll
> >
> >Somehow a slash was added before the tick mark. Is this some
> >configuration option? Does it have to do with how PHP is configured on
> >the webhost? Does it have something to do with how Apache is configured
> >on the webhost? Any idea how the slash got there?
>
> It's the misguided PHP configuration option "magic_quotes_gpc".
>
> http://uk2.php.net/manual/en/security.magicquotes.php
>
> This should be Off. Sounds like it's On on your webhost.
>
> If you have permissions, you may be able to disable it in a .htaccess file.
>
> Otherwise you'll have to mess around checking whether it's on or off, and if
> it's on, use stripslashes() on the data, which is fairly ridiculous.
Thank you. This was driving me nuts.
Unfortunately, my webhost is rather clueless (I'm switching soon) and
likely won't be interested in modifying their configuration.
You can probably work this to your advantage if you just look it up in
the right reference :)
Hi
"magic_quotes_gpc" is turned on in the php.ini.
If you cannot change it, just add above EVERY script of yours:
ini_set("magic_quotes_gpc" , 0);
I took up the habbit of adding a file for every new project that contains a
few ini_sets, and if they fail, I let my app fail too.
It is the easiest way to overrule php.ini if you cannot or wish not to
change php.ini directly.
I think it is important to make such a file because you never know where
your application might end up. (Another ISP, or your current ISP changes
php.ini, etc.)
Remember that not all php.ini values can be overruled, so make sure you
check too if the ini_set() suceeded. (Like using ini_get() to check.)
Regards,
Erwin Moller
I would be interested to know what ini_sets you considered to be
important.
Hi Eric,
The answer depends on the project.
But here is an example of how I do it.
This is piece of a script that gets included above every other script.
It simple defines the values I want to be sure of during the execution of my
scripts in that certain project.
Of course I could also try to overwrite ALL values in php.ini (that can can
overwritten with ini_set()), but these are the ones I picked.
---------------------------------
$iniSettings = array (
"short_open_tag" => "1",
// always on "track_vars" => "On",
"arg_separator.output" => "&",
"arg_separator.input" => "&",
"register_globals" => "0",
// magic quotes on
"magic_quotes_gpc" => "1",
"magic_quotes_runtime" => "0",
"register_argc_argv" => "1",
// max_execution_time defines the number of seconds a script may run
"max_execution_time" => "45",
// email stuff
"SMTP" => "smtp.xx.com",
"smtp_port" => "25",
// emailfrom not displayed here
"sendmail_from" => "X...@YY.com",
// Includepath!
"include_path" => ".;C:\Inetpub\wwwroot\XXXX\includes",
"default_mimetype" => "text/html",
"default_charset" => "ISO-8859-1",
// errorhandling
"error_reporting" => E_ALL,
// sessions
"session.save_handler" => "user",
"session.use_only_cookies" => "1",
"session.auto_start" => "0"
);
foreach ($iniSettings as $inikey => $inivalue){
ini_set($inikey, $inivalue);
// and test
if (ini_get($inikey) != $inivalue){
echo "UNRECOVERABLE INI-PROBLEM IN ini_settings.php.<br>";
echo "CANNOT SET $inikey to $inivalue.<br><h2>EXITING</h2>";
exit;
}
}
---------------------------------
Regards,
Erwin Moller