rofl90 Posted March 31, 2008 Share Posted March 31, 2008 heres my code to edit a xhtml/php/javascript file: <?php session_start (); include "config.php"; include "classes/settings.php"; include "classes/user.php"; if($user->check_login() == "0") { header("Location: index.php"); exit(); } if($user->user_type("clientmanager") == "0") { header("Location: notallowed.php"); exit(); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta http-equiv="description" name="description" content="<?php echo $settings->description();?>" /> <meta http-equiv="keywords" name="keywords" content="<?php echo $settings->keywords(); ?>" /> <title><?php echo $settings->site_title(); ?>» Edit Sale</title> <link href="<?php echo $url; ?>/backend/css/style.css" rel="stylesheet" type="text/css" /> <script type="text/javascript" language="javascript"> function popUp(URL) { day = new Date(); id = day.getTime(); eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=1,location=0,statusbar=0,menubar=0,resizable=1,width=900,height=400,left = 540,top = 325');"); } // End --> </script> </head> <body> <div id="container"> <div id="top"> <div id="logo"></div> </div> <div id="navbar"> <div id="navbutton"><a href="<?php echo $url; ?>/backend/">Home</a></div> <div id="navbutton"><a href="<?php echo $url; ?>/">Site</a></div> <div id="navbutton"><a href="<?php echo $url; ?>/backend/pagemanager.php">Pages</a></div> <div id="navbutton"><a href="<?php echo $url; ?>/backend/clientmanager.php">Clients</a></div> <div id="navbutton"><a href="<?php echo $url; ?>/backend/newsmanager.php">News</a></div> <div id="navbutton"> <!--leave blank--> </div> </div> <div id="contentcontainer"> <div id="contentboxcontainer"> <!-- start side nav --> <div id="navboxcontainer"> <div id="navboxtop"></div> <div id="navboxmid"> <div id="sidenavbutton"><a href="<?php echo $url; ?>/backend/uploadfile.php">Upload File</a></div> <div id="sidenavbutton"><a href="<?php echo $url; ?>/backend/settings.php">Settings</a></div> <div id="sidenavbutton"><a href="<?php echo $url; ?>/backend/logs.php">Access Logs</a></div> <div id="sidenavbutton"><a href="<?php echo $url; ?>/backend/profile.php">My Profile</a></div> <div id="sidenavbutton"><a href="<?php echo $url; ?>/backend/usermanagement.php">User Management</a></div> <div id="sidenavbutton"><a href="<?php echo $url; ?>/backend/privatemessages.php">Private Messages</a></div> <div id="sidenavbutton"><a href="<?php echo $url; ?>/backend/sitenavigation.php">Site Navigation</a></div> <div id="sidenavbutton"><a href="<?php echo $url; ?>/backend/testimonials.php">Testimonials</a></div> <div id="sidenavbutton"><a href="<?php echo $url; ?>/backend/logout.php">Logout</a></div> </div> <div id="navboxbot"></div> </div> <div id="contentboxtop"></div> <div id="contentboxcontent"> <div id="title"> <?php include "welcome.php"; ?> </div> <?php if(isset($_POST['edit_html'])) { $fwrite = $_POST['html_body']; if($db->write_file("../index.php", "w+", $fwrite) == '1') { echo "(X)HTML Edited!"; } else { echo "Error! - (X)HTML not edited!"; } } ?> <form name="edithtml" action="?a=save" method="post"> <fieldset> <legend>File Name</legend> <input type="text" name="name_html" id="name_html" value="(X)HTML" readonly="readonly"/> </fieldset> <fieldset> <legend>(X)HTML Body</legend> <textarea rows="25" name="html_body" style="width:100%;" id="(x)html_body"><?php echo $db->read_file("../index.php", "r+"); ?></textarea> </fieldset> <fieldset> <legend>Edit (x)html</legend> <input type="submit" name="edit_html" id="name_html" value="Edit (X)HTML" /> </fieldset> </form> <br /> <br /> <br /> <br /> <br /> <br /> </div> <div id="contentboxbottom"></div> </div> <div id="clear"></div> <div id="footer"><?php echo $settings->footer(); ?> Powered by <?php echo $settings->get_ver(); ?></div> </div> </div> </body> </html> every time i submit it adds slashes, and doubles them if you do it more than once.. Link to comment https://forums.phpfreaks.com/topic/98754-adding-slashes-on-its-own/ Share on other sites More sharing options...
Northern Flame Posted March 31, 2008 Share Posted March 31, 2008 thats to prevent hack attempts, to avoid this, echo out your data like this: $variable = $_POST['html_body']; echo stripslashes($variable); or $variable = stripslashes($_POST['html_body']); echo $variable; Link to comment https://forums.phpfreaks.com/topic/98754-adding-slashes-on-its-own/#findComment-505358 Share on other sites More sharing options...
tibberous Posted March 31, 2008 Share Posted March 31, 2008 It's also a server setting, you can change it in your php.ini file. Link to comment https://forums.phpfreaks.com/topic/98754-adding-slashes-on-its-own/#findComment-505363 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.