dmccabe Posted June 10, 2008 Share Posted June 10, 2008 when entering things in my form, if someone puts in an apostrophe ' then it is echo'd out as \' eg: O'brien = O\'brien Why is this? This is where the variable is set $surname = mysql_real_escape_string($_POST['surname']); If I echo out the $surname then it has the \, however if I echo out $_POST['surname'], then the \ is not there. Quote Link to comment Share on other sites More sharing options...
Lumio Posted June 10, 2008 Share Posted June 10, 2008 That's because of magic quotes. I'm using the following code to prevent of magic_quotes: <?php if (get_magic_quotes_gpc()) { //Magic Quotes enabled? $_POST = array_map('stripslashesinarray', $_POST); $_GET = array_map('stripslashesinarray', $_GET); $_COOKIE = array_map('stripslashesinarray', $_COOKIE); $_REQUEST = array_map('stripslashesinarray', $_REQUEST); } function stripslashesinarray($value) { return (is_array($value) ? array_map('stripslashesinarray', $value):stripslashes($value)); } ?> Put that code to the beginning of every PHP-page, where you need $_POST and so on. Quote Link to comment Share on other sites More sharing options...
gortron Posted June 10, 2008 Share Posted June 10, 2008 You can use stripslashes() to remove the slashes. Example: $name=stripslashes($name); Quote Link to comment Share on other sites More sharing options...
dmccabe Posted June 10, 2008 Author Share Posted June 10, 2008 Used a combination of both and got it going nicely. Thanks! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.