Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    Mega-ultimate member
    Join Date
    Jun 2002
    Location
    Winona, MN - The land of 10,000 lakes
    Posts
    1,855
    Thanks
    1
    Thanked 45 Times in 42 Posts

    htmlentities converts too much on single quotes

    I've got the following in my code...

    Code:
    $logData=htmlentities($_POST['logData'],ENT_QUOTES);
    when I post the form, and print the $logData variable, I get the following...

    input = "What's up?"
    output = "What\'s up?"



    I want the output to be...

    output = "What's up?"


    I don't want that leading slash. Any ideas?

  • #2
    Senior Coder Nightfire's Avatar
    Join Date
    Jun 2002
    Posts
    4,266
    Thanks
    6
    Thanked 48 Times in 48 Posts
    Could try using stripslashes()

  • #3
    Senior Coder
    Join Date
    Jun 2002
    Location
    frankfurt, german banana republic
    Posts
    1,848
    Thanks
    0
    Thanked 0 Times in 0 Posts
    That's probably due to magic_quotes_gpc activated. It's one of those goodies some PHP developers put into the code, and everyone dislikes because it makes things so... uncertain and fuzzy. Bascially it escapes all quotes etc. before the value reaches your PHP script, which screws up any value comparisons of course and leads to astonishment to those who encounter it the first time.

    If you can, disable it in your php.ini. If you can't do that, you have to manually clean the GPC values you need before you further process them. Here's some sample code that can be used for that:

    PHP Code:
    /**
    *    Cleans GET variables of unnecessary magic_quotes junk.
    *    @param    mixed    Associative array of GPC variables or single value
    *    @return    mixed    Cleaned value/array.    
    */
    function cleanValues($value) {
        if (
    get_magic_quotes_gpc()) {
            if (!
    is_array($value)) {
                return 
    stripslashes($value);
            } else {
                return 
    array_map('cleanValues'$value);    
            }
        }
        return 
    $value;            
    }

    if (
    count($_POST)) {
        
    $_POST cleanValues($_POST);
            
        
    $logData htmlentities($_POST['logData'], ENT_QUOTES);
        print 
    $logData;

    De gustibus non est disputandum.

  • #4
    Mega-ultimate member
    Join Date
    Jun 2002
    Location
    Winona, MN - The land of 10,000 lakes
    Posts
    1,855
    Thanks
    1
    Thanked 45 Times in 42 Posts
    Great. Thanks, now one quick related question,

    I'm running on an IIS 6 with php 4.3 and according to ini_set in the php manual, magic_quotes_gpc has a setting of "PHP_INI_PERDIR" which means you can change the setting in the php.ini, .htaccess or htttpd.conf.

    Now, since I'm on IIS (no httpd.conf nor .htaccess) does php still look to see if there's a .htaccess file?

    If so, what would I add to that file to make the change?

    Thanks


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •