memoir Posted May 12, 2009 Share Posted May 12, 2009 Sorry about the cryptic subject - kind of a weird problem that's hard to sum up. I'm working on an oooooold custom built store front. I recently upgraded the server it's running on to php 5 (from php 4) and for the most part, everything's working fine. I have come across a strange issue, however, when trying to store the checkout data. After the billing/shipping form is submitted, it's stored to an object like this inside a function and class: $this->CHECKOUT_DATA['bill_companyname'] = $_POST['bill_companyname'] Then, when you get to the 'verify your order page', it shows the billing/shipping data from a function inside the same class like this: COMPANY: $this->bill_companyname This used to work fine - and still does - unless the user enters quotes (single or double) - the problem may not stop there, but that's as far as I've tested. If a user enters quotes into any of the bill/ship fields, then the entire $this->CHECKOUT_DATA is empty (not just the one field, the entire array). I've tried escaping/specialchars... anything I can think of but to no avail. Any ideas? Link to comment https://forums.phpfreaks.com/topic/157825-values-in-this-with-quotes-and-php-5/ Share on other sites More sharing options...
jackpf Posted May 12, 2009 Share Posted May 12, 2009 Try doing print_r() on the array before and after quotes are entered, just to see what's in there. This seems like an odd problem. Link to comment https://forums.phpfreaks.com/topic/157825-values-in-this-with-quotes-and-php-5/#findComment-832418 Share on other sites More sharing options...
PFMaBiSmAd Posted May 12, 2009 Share Posted May 12, 2009 Have you done a "view source" in your browser to see exactly what is present in the output? It's likely that the quote in the output is breaking the HTML. If so, you need to use htmlentities() with the second parameter set to ENT_QUOTES Link to comment https://forums.phpfreaks.com/topic/157825-values-in-this-with-quotes-and-php-5/#findComment-832423 Share on other sites More sharing options...
memoir Posted May 12, 2009 Author Share Posted May 12, 2009 I'm sorry for the hassle, all. It appears that on a default install of PHP5, magic quotes gpc is ON. I should have caught that a long time ago. As soon as I disabled magic quotes, all my problems went away. To answer the questions above (so they weren't in vain ) With magic quotes gpc, a single quote any where in the object resulted in an empty object. If I did a print_r on the object, I got everything except that CHECKOUT_DATA. It existed, but it was empty. If there were no quotes, it was full of all the data I'd just typed in. PHP needs to just get rid of magic quotes! I hate that stuff! Link to comment https://forums.phpfreaks.com/topic/157825-values-in-this-with-quotes-and-php-5/#findComment-832430 Share on other sites More sharing options...
jackpf Posted May 12, 2009 Share Posted May 12, 2009 It's gone in 6 Anyway, you can turn it off with .htaccess. Tis what I do... Link to comment https://forums.phpfreaks.com/topic/157825-values-in-this-with-quotes-and-php-5/#findComment-832433 Share on other sites More sharing options...
PFMaBiSmAd Posted May 12, 2009 Share Posted May 12, 2009 They have finally gotten rid of magic_quotes in php6. The current php.net default/recommend settings in php5 is for them to be off. Link to comment https://forums.phpfreaks.com/topic/157825-values-in-this-with-quotes-and-php-5/#findComment-832435 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.