Jump to content

Turning Magic Quotes Off Broke My Code!

Wayniac

By Wayniac
in PHP Coding Help

 Share

Recommended Posts

Wayniac Member

Wayniac

Posted
Posted

Hello everyone,

 

This is an interesting issue and after a few OMGs and HOLY beeps I figured out why my code stopped working. First I wanted to get rid of my nasty "\" backslash from popping up every time I made an entry with a apostrophe, it would create a backslash before it. So I went into my "php.ini" and typed in "magic_quotes_gpc=off". Yay solution solved, and now backslashes were no more.

 

Now the lovely code I am going to post before you is what stopped working. Its suppose to do a search using the words I typed in and filter out only what matches, pretty standard. Except, what use to work beautifully, has now just stopped and nothing happens when I hit the submit.

 

Here is the code below: 

<?
//This is only displayed if they have submitted the form
if ($searching2 =="yes")
{
echo "<h2>Results</h2><p>";

//If they did not enter a search term we give them an error
if ($find2 == "")
{
echo "<p>You forgot to enter a search term";
exit;
}

// We preform a bit of filtering
$find2 = strtoupper($find2);
$find2 = strip_tags($find2);
$find2 = trim ($find2);

//Now we search for our search term, in the field the user specified
$data = mysql_query("SELECT * FROM album WHERE upper($field) LIKE'%$find2%'");

//And we display the results
while($myrow = mysql_fetch_array( $data ))
{

echo "<img src=\"get_image.php?image={$myrow['albumid']}\" width=\"50\" height=\"50\" border=\"1\" align=\"right\">";
echo ("<span class=\"TextoBaseLarge\">" . $myrow['title'] . "</span>");
echo "<b><br>Posted: </b><i>";
echo $myrow['dtime'];
echo "</i><b><br>Year: </b>";
echo $myrow['year'];
echo "</i> year(s)";
echo "</i><b><br>Month: </b>";
echo $myrow['month'];
echo "</i> month(s)";
echo "</i><b><br>State / Province: </b>";
echo $myrow['state'];
// Now print the options to (Read,Edit & Delete the entry)
echo "<br><a href=\"read_more.php?albumid=$myrow[albumid]\">Read Entry </a><br><br>";
echo "<hr align=left width=280 color=\"#4e592f\">";
}

//This counts the number or results - and if there wasn't any it gives them a little message explaining that
$anymatches=mysql_num_rows($data);
if ($anymatches == 0)
{
echo "Sorry, but we can not find an entry to match your query<br><br>";
}

//And we remind them what they searched for
echo "<b>Searched For:</b> " .$find2;
}
?>

 

Hopefully someone has encountered this problem and I can simply bonk myself on the head for an easy fix.

 

Thank you

Link to comment
https://forums.phpfreaks.com/topic/192643-turning-magic-quotes-off-broke-my-code/
Share on other sites
SchweppesAle Advanced Member

SchweppesAle

Posted
Posted

pretty sure they're phasing magic quotes out in php6(don't quote me).

 

Use mysql_real_escape_string() instead when inserting data.

http://php.net/manual/en/function.mysql-real-escape-string.php

 

You can remove slashes later by using stripslashes();

http://php.net/manual/en/function.stripslashes.php

 

 

Wayniac Member

Wayniac

Posted
  • Author
Posted

Thank you both for your quick and informative replies. I have here what is going to be outputted, along with an example code. Not sure how to implement it, am I in the right direction?

 

My code: 

$testimonial = mysql_real_escape_string($_POST['testimonial']);

 

Example code: 

echo stripslashes($_POST['testimonial']);

Wayniac Member

Wayniac

Posted
  • Author
Posted

Thank you so much, its working now!

 

I changed: 

$testimonial = mysql_real_escape_string($_POST['testimonial']);

 

To: 

$testimonial = stripslashes($_POST['testimonial']);

 

Should I be concerned  that I am not using "mysql_real_escape_string"? All I know about this is that its currently the newest way to pass it in the versions today.

Wayniac Member

Wayniac

Posted
  • Author
Posted

Sweet thank you, I also got some help from Stephen and he suggested to use this which works brilliantly.

 

$testimonial = mysql_real_escape_string(stripslashes($_POST['testimonial']));

 

Thank you everyone, you helped me HUGE!

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.