Jump to content

Archived

This topic is now archived and is closed to further replies.

tomfmason

htmlentities questions.

Recommended Posts

When I try something like this..

[code=php:0]
$text = htmlentities($_POST['text'], ENT_QUOTES);
echo $text;
[/code]

and say the text is this before processing..

[list][*]This is a single quote ' and this is a double "[/list]

This is what it looks like after words..

[list][*]This is a single quote \' and this is a double \"[/list]

I am wondering why the quotes are being escaped??

Should I strip the \'s or am I just missing something..

Thanks,
Tom

Share this post


Link to post
Share on other sites
htmlentites shouldn't be doing that. Looks your server has setting called magic_quotes enabled. Which automatically escapes quotes returned from a function or user input. You're best of disabling magic_quotes either by editing the php.ini if you can. or by adding the following:
[code]php_flag magic_quotes_gpc Off
php_flag magic_quotes_runtime Off
php_flag magic_quotes_sybase Off[/code]
To a .htaccess file in your servers document root.

Share this post


Link to post
Share on other sites
I just tested it and it changed nothing..

I have acess to the ini but I am unable to restart apache at this moment.. I guess that I should write a batch file for that..lol

Thanks,
Tom

Share this post


Link to post
Share on other sites
No. As that doesnt fully turn of magic_quotes. that prevents magic quotes from escaping quotes in user input (GET, POST, COOKIE etc). It will not prevent magic quotes from escaping quotes that are in a string that is being retruned form a function. The only way to prevent this is to turn of magic_quotes_runtime in the php.ini, server config file or the .htaccess file.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.