View Full Version : stripslashes() adds slashes ?!?

07-06-2005, 07:40 PM
Hi guys,

Here is some code:


// compose mail message
$strMailMsg = "From: " . $_POST['inputName']; // cut for example

// now output what they sent
echo "<p>{$_POST['inputName']}</p>";

That works fine except when I get the mail it has the backslashes before any quotes.

So I tried this:

Well, now the mail doesn't have the slashes but the echo output does. I even tried a new variable:


It seems the stripslashes() affects the $_POST['inputName'] variable which to me seems absurd because the $strMailMsg should not be 'connected' to the $_POST['inputName'] after it's been assigned.

What's going on ?


07-06-2005, 10:03 PM
I'm a little lost here, are you echoing via echo "<p>{$_POST['inputName']}</p>"; ? If so then you will need to stripslashes() the $_POST variable too, since I'm assuming this is an issue with magic_quotes adding slashes to the $_POST user input.

If that's not the case, can you post more of your code so we can see exactly what's happening and where?

07-06-2005, 10:57 PM

Sorry about that. My local machine has magic quotes off but the remote machine has them on and I was getting confused when testing my pages.

Here is what I did:




It seems alright. What do you think ?

07-06-2005, 11:07 PM
I use this solution from php.net in all my scripts, I just stick the whole thing in a file which I include at the top of every page to be sure:

function stripslashes_deep($value)
return (is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value));

if (get_magic_quotes_gpc())
$_GET = array_map('stripslashes_deep', $_GET);
$_POST = array_map('stripslashes_deep', $_POST);
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);

It effectively does what you just did but you will find it useful if you ever want to deal with more advanced arrays (particularly useful when you're dealing with checkboxes or multiple selection lists in forms).