Jump to content

[SOLVED] Reading/Writing to text file help.

shazman

By shazman
in PHP Coding Help

Recommended Posts

shazman Newbie

shazman

Posted
Posted

I have a page that gets it's content from a text file. When the user modifies the page's content and uses a single quote anywhere, it puts a slash in front of it.

Example: When you type "We're" it prints "We/'re" to the text file and displays that on the page.

How can I make it not print the slashes. It also does this for double quotes. This makes things difficult when the user is adding a hyperlink.

Link to comment
https://forums.phpfreaks.com/topic/109817-solved-readingwriting-to-text-file-help/
Share on other sites
DarkWater Member

DarkWater

Posted
Posted

Use this:

 

function unescape_data($string) {

  if (get_magic_quotes_gpc()) {

      return stripslashes($string);

   }

  else {

      return $string;

  }

}

 

You shouldn't need to escape data for writing it directly to a text file.

hitman6003 Newbie

hitman6003

Posted
Posted

before writing text into a file, use addslashes().... then when retrieving, use stripslashes() before displaying.

 

There's no reason to escape content in a text file. 

 

The whole purpose for magic_quotes_gpc was to prevent database injection attacks, because php developers, in the day of php 3, apparently couldn't be trusted to be smart enough to prevent it.  It has nothing to do with text files, and should most certainly be disabled if possible.  In php 6 magic_quotes_gpc won't even exist (along with register_globals), so this won't even be an issue.

 

Darkwater's response is a viable method of removing the slashes if you can not disable the directive in php.ini.

DarkWater Member

DarkWater

Posted
Posted

before writing text into a file, use addslashes().... then when retrieving, use stripslashes() before displaying.

 

There's no reason to escape content in a text file. 

 

The whole purpose for magic_quotes_gpc was to prevent database injection attacks, because php developers, in the day of php 3, apparently couldn't be trusted to be smart enough to prevent it.  It has nothing to do with text files, and should most certainly be disabled if possible.  In php 6 magic_quotes_gpc won't even exist (along with register_globals), so this won't even be an issue.

 

Darkwater's response is a viable method of removing the slashes if you can not disable the directive in php.ini.

 

Indeed. =P  Never rely on magic_quotes_gpc.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.