textarea issue \\\\\\\\r\\\\\\\\n\\\\\\\\r\\\\\\\\n\\\\\\\\r\\\\\\\

$php_mysql$ · August 18, 2011

after i used real_escape_string in the post textarea field i get \\\\\\\\r\\\\\\\\n\\\\\\\\r\\\\\\\\n\\\\\\\\r\\\\\\\ along with the message in textarea everytime i sumbit the page. how to get rid of them?

Nodral · August 18, 2011

$clean=implode('\',"\\\\\\\\r\\\\\\\\n\\\\\\\\r\\\\\\\\n\\\\\\\\r\\\\\\\");
$cleaner=explode($clean);

Dirty, but does the job

TeNDoLLA · August 18, 2011

If you do var_dump($_POST['name_of_textarea']); instantly after posting the form before doing anything to the value does it really give you that as a value? Since mysql_real_escape_string should not produce a string like that.

cssfreakie · August 18, 2011

It looks like you have magic quotes enabled.

go in to php.ini and check if it is enabled, if so put it off.

If you don't have access to php.ini

use stripslashes instead

There are quite some articles written about this. but if you can disable magic quotes do that

$php_mysql$ · August 18, 2011

see i use this function to clean my $_POSTS

function clean($str) {
		$str = @trim($str);
		if(get_magic_quotes_gpc()) {
		$str = stripslashes($str);
		$str = htmlspecialchars($str);
	}
	return mysql_real_escape_string($str);		
    }

requinix · August 18, 2011

And how about the code that uses it? Everything between when it uses $_POST and when it creates the SQL queries.

KevinM1 · August 18, 2011

Why are you using htmlspecialchars only when magic quotes are turned on? And why are you using '@' to squelch errors on trim, of all things?

cssfreakie · August 18, 2011

in addition to nightslyr,

mysql_real_escape_string requires a connection, if you don't have that nothing will happen. (so your function won't return anything)

can you place this above your script:

error_reporting(E_ALL);
ini_set("display_errors", 1);

and report what errors you get?

$php_mysql$ · August 18, 2011

code that uses it is like this

$data['description'] = clean($data['description']);

well my magic quotes are turned off. ok so right not while checking error im using this clean function so what if i use it just before interting data into db does it make sense

so i use it like

description = '".clean($postData['description'])."',

while data being inserted? and yes i removed htmlspecialchars that was a mistake

$php_mysql$ · August 18, 2011

after adding that other than unidentified variables in my form which are related to my form check i get nothing else

Sign In

textarea issue \\\\\\\\r\\\\\\\\n\\\\\\\\r\\\\\\\\n\\\\\\\\r\\\\\\\

Recommended Posts

$php_mysql$

Link to comment

Share on other sites

Nodral

Link to comment

Share on other sites

TeNDoLLA

Link to comment

Share on other sites

cssfreakie

Link to comment

Share on other sites

$php_mysql$

Link to comment

Share on other sites

requinix

Link to comment

Share on other sites

KevinM1

Link to comment

Share on other sites

cssfreakie

Link to comment

Share on other sites

$php_mysql$

Link to comment

Share on other sites

$php_mysql$

Link to comment

Share on other sites

Join the conversation

Browse

Activity

Important Information