All geek questions in one place

Problem with PHP escaping double quotes in HTML formats

I have a simple PHP script that I use to process a SQLite database. This is nothing unusual or complicated. But I noticed, looking at the records in the database, that everything that I enter in the form field with double quotes appears in the processing of forms, as if I avoided quotes with a backslash. Therefore, when I entered an entry with the name:

British light utility vehicle 10HP Tilly

what is displayed in the database:

British light utility vehicle 10HP \ "Tilly \"

I don't know where they come from, and even worse, even using the following preg_replace doesn't seem to delete them:

$name = preg_replace('/\\"/', '"', $_REQUEST['kits_name']);

If I unload $name, it still carries unwanted characters \.

+3
5

, , magic_quotes_gpc on php.ini. , :

if (get_magic_quotes_gpc())
{
   $mytext = stripslashes($your_text);
}

// and your further code....
+5

, magic_quotes_gpc.

ini_set(), , $_REQUEST()

function getRequest($key)
{
  $val = $_REQUEST[$key];
  if(get_magic_quotes_gpc() == 1) {
    $val = stripslashes($val);
  }
  return $val;
}

echo getRequest('kits_name');
+3

, ?

+2

, magic quotes.

, , .

doc, , .

+2

- .
, - , . , . , , .htaccess ( )

php_flag magic_quotes_gpc 0
php_flag magic_quotes_runtime 0

, ,

if ( get_magic_quotes_gpc( ) ) {
  $_GET = array_map_recursive('stripslashes', $_GET) ;
  $_POST = array_map_recursive('stripslashes', $_POST) ;
  $_COOKIE = array_map_recursive('stripslashes', $_COOKIE) ;
  $_REQUEST = array_map_recursive('stripslashes', $_REQUEST) ;
  if (isset($_SERVER['PHP_AUTH_USER'])) stripslashes($_SERVER['PHP_AUTH_USER']); 
  if (isset($_SERVER['PHP_AUTH_PW'])) stripslashes($_SERVER['PHP_AUTH_PW']);
}

php array_map_recursive, ,

function strips(&$el) { 
  if (is_array($el)) 
    foreach($el as $k=>$v) 
      strips($el[$k]); 
  else $el = stripslashes($el); 
}

.

$name, \.

htmlspecialchars function

0

Source: https://habr.com/ru/post/1743929/

More articles:


All Articles