htmlentities questions.

[tomfmason]

When I try something like this..

[code=php:0]
$text = htmlentities($_POST['text'], ENT_QUOTES);
echo $text;
[/code]

and say the text is this before processing..

[list][*]This is a single quote ' and this is a double "[/list]

This is what it looks like after words..

[list][*]This is a single quote \' and this is a double \"[/list]

I am wondering why the quotes are being escaped??

Should I strip the \'s or am I just missing something..

Thanks,
Tom

[wildteen88]

htmlentites shouldn't be doing that. Looks your server has setting called magic_quotes enabled. Which automatically escapes quotes returned from a function or user input. You're best of disabling magic_quotes either by editing the php.ini if you can. or by adding the following:
[code]php_flag magic_quotes_gpc Off
php_flag magic_quotes_runtime Off
php_flag magic_quotes_sybase Off[/code]
To a .htaccess file in your servers document root.

[tomfmason]

Could I use..

[code=php:0]
ini_set(magic_quotes_gpc, off);
[/code]

[tomfmason]

I just tested it and it changed nothing..

I have acess to the ini but I am unable to restart apache at this moment.. I guess that I should write a batch file for that..lol

Thanks,
Tom

[wildteen88]

No. As that doesnt fully turn of magic_quotes. that prevents magic quotes from escaping quotes in user input (GET, POST, COOKIE etc). It will not prevent magic quotes from escaping quotes that are in a string that is being retruned form a function. The only way to prevent this is to turn of magic_quotes_runtime in the php.ini, server config file or the .htaccess file.