Jump to content

Archived

This topic is now archived and is closed to further replies.

xstevey_bx

Prevent Variable Escaping

Recommended Posts

I am trying to create a simple code generator where you enter details in a form and when you click submit the values you entered are writen into the code which changes it to your needs.

The problem is that I have a text box which you are able to write some html. However, whenever I call it in the code any of the [b]"[/b] or [b]'[/b]s in the code are changed to [b]\"[/b] or [b]..'[/b]

[code]
<?php
$friendid = $_POST['friends_id'];
$title = $_POST['myspace_title'];
$sideimage = $_POST['url_to_image'];
$aboutme = $_POST['about_me_text'];
$codetext = htmlentities($aboutme);

echo "<textarea rows='5' name='S1' cols='62'>". $codetext ." </textarea>"; ?>
[/code]

That is a simple version of the code im using with all the variables.

The link to the page is http://www.steveyb.com/pagefiles/portfolio/layouts/pages/image_side_corporate/

Is there anyway to have any html code typed into "about me" forum box, show up in the PHP without it being escaped?

thanks

Share this post


Link to post
Share on other sites
looms like you have magic quotes enabled whcih is why your quotes are being escaped. To stop it from the doing that you should turn magic quotes off by either edting the php.ini if your host allows it or you can do it via the htaccess file.

If you cannot edit the php.ini or use .htaccess files then you can use stripslashes function, which will remove the escape character from the quotes.

Share this post


Link to post
Share on other sites
I used the function which you suggested and it worked perfectly thanks :) I just didnt know the terminology to use when searching the net becuase im new to php!

;D

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.