[vox-tech] php and forms question
Troy Arnold
vox-tech@lists.lugod.org
Mon, 6 Jan 2003 15:57:51 -0800
On Mon, Jan 06, 2003 at 02:54:44PM -0800, Peter Jay Salzman wrote:
> there's a page i've been tinkering with, off and on, to teach myself
> php. it's a cryptogram page:
>
> http://www.dirac.org/p/crypto/index.php
>
> i have some data that i pass using hidden form fields, like this:
>
> print "<FORM action=\"index.php\" method=\"post\">\n";
> print "<INPUT type=\"hidden\" name=\"PlainText\" value=\"$PlainText\">\n";
> print "<INPUT type=\"hidden\" name=\"CipherText\" value=\"$CipherText\">\n";
>
> when the user presses the submit button, any apostrophes or backslashes
> within $PlainText or $CipherText get backslashed. Like this:
> and so on. i'm not sure why or how the backslashes are entering the
> string. without really knowing why this is happening, i tried to remove
> the symptom by brute force:
They are in the string because you probably have something in your
php.ini like:
magic_quotes_gpc = On
That tells PHP to escape quotes and backslashes for (G)et (P)ost and
(C)ookies. Personally, I leave that setting off -- "don't mess with my
data unless I tell you to!"
Mr. Crawford mentioned the stripslashes() function, and I'd highly
recommend glancing through the function definitions in the PHP manual,
especially those for strings and arrays. I think you'll be surprised at
how many common tasks are already implemented.
> i'm kind of lost. any ideas?
Yeah, RTFM, you evil spammer.
:)
-t