Daen Posted August 14, 2006 Share Posted August 14, 2006 Hi,Got a comments form that I'm trying to get to work on my website. People can post their writing and have others comment on it. So, I want the comments form to send an email to the author of the story being commented on. But, stripslashes isn't working as I expect it to. [code]function check_form($necessaryVars){ // ... other form processing above $commentText = mysql_real_escape_string(nl2br($commentText)); $subject = mysql_real_escape_string($subject) // insert $commentText into the database sendNotice($commentText, $subject); // end the form checking function}function sendNotice($commentText, $subject){ $commentText = stripslashes(str_replace("<br />", "", $commentText)); $subject = stripslashes($subject); echo $commentText; echo $subject; // assume necessary variables here are taken care of, except $commentText mail($authorEmail, $subject, $commentText, $from);}[/code]$commentText is taken from a textarea on an html form. If I input something like "Here's a comment." it comes out as "Here\'s a comment." even after the explicit call to stripslashes(). The really weird thing is it's working just fine on the call to clean up $subject.Does anyone have any ideas as to why this might be happening? I've got similar things happening on other pages of my site-- calls to [code]stripslashes(str_replace("<br />", "", $someText))[/code] -- and they all seem to work just great.I appreciate the help. Quote Link to comment Share on other sites More sharing options...
Caesar Posted August 14, 2006 Share Posted August 14, 2006 What happens if you add:[code]<?php$comment = $commentText;$filter = array("'", "\"");$replace = array(''', '"');$commentText = preg_replace($filter, $replace, $comment);?>[/code] Quote Link to comment Share on other sites More sharing options...
Caesar Posted August 14, 2006 Share Posted August 14, 2006 Alternatively, you can maybe do:[code]<?php$commentText = strip_tags(htmlspecialchars($commentText));?>[/code] Quote Link to comment Share on other sites More sharing options...
Daen Posted August 14, 2006 Author Share Posted August 14, 2006 When I try the first one I get a warning about no ending delimiter found, and I still get the slashes. I guess if you meant for me to try the preg_replace() instead of mysql_real_escape_string(), then that might work, but I'd rather not have to do that if possible... Especially since I've never had a problem with stripslashes() before like this. It just doesn't make any sense.I even tried assigning a separate holder variable for the commentText before I call mysql_real_escape_string(), and somehow the slashes even get in when I use the holder variable. It's really bizarre.I finally got it to work by using [code]$commentText = str_replace("\\", "", $commentText);[/code] Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.