text received via POST

[Heinz]

Hi All

I am sending a textarea field via POST to a form.

What happens is that all occurences of ' " and & in the text received via
$_POST[] in that form are now preceded by a \

What is causing this and how can I avoid it ?

I would like to receive the text as seen in the textarea field.

I am using php 4.2.1

Thanks in advance
Heinz

[Shawn Wilson]

Try stripslashes().

Regards,
Shawn
--
Shawn Wilson
sh...@glassgiant.com
http://www.glassgiant.com

[Kevin Thorpe]

$plaintext = stripslashes($text);

They're being added automatically by your php settings to protect you
from SQL insertion attacks.

[Michael Fuhr]

Kevin Thorpe <ke...@pricetrak.com> writes:

> > I am sending a textarea field via POST to a form.
> >
> > What happens is that all occurences of ' " and & in the text received via
> > $_POST[] in that form are now preceded by a \
> >
> > What is causing this and how can I avoid it ?
> >
> > I would like to receive the text as seen in the textarea field.
> >
> > I am using php 4.2.1
>

> $plaintext = stripslashes($text);
>
> They're being added automatically by your php settings to protect you
> from SQL insertion attacks.

...specifically, by the setting of magic_quotes_gpc, which you can check
by calling get_magic_quotes_gpc(). It's a good idea to make this
check before calling addslashes() or stripslashes() on form data
to find out if altering the data is necessary. If you neglect to
make this check, then the code will probably misbehave if the setting
of magic_quotes_gpc is ever changed.

--
Michael Fuhr
http://www.fuhr.org/~mfuhr/

[Heinz]

"Heinz" <lullu...@yahoo.com> wrote in message
news:bpfu9b$1nhcig$1...@ID-25174.news.uni-berlin.de...

Thanks to ALL of you for helping me here.
I use now :

if (get_magic_quotes_gpc())
$text=stripslashes($text);

and it works :-)

Cheers
Heinz