Jump to content

Strip Slashes

spacepoet

By spacepoet
in PHP Coding Help

 Share

Recommended Posts

spacepoet Advanced Member

spacepoet

Posted
Posted

Hi:

 

Is this the proper way to remove slashes from apostrophes:

if ($_SERVER['REQUEST_METHOD'] == 'POST')
{

$myTitle = mysql_real_escape_string(stripslashes($_POST['myTitle']));
$myDesc = mysql_real_escape_string(stripslashes($_POST['myDesc']));
$myHeader = mysql_real_escape_string(stripslashes($_POST['myHeader']));
$mySubHeader = mysql_real_escape_string(stripslashes($_POST['mySubHeader']));
$myPageData = mysql_real_escape_string(stripslashes($_POST['myPageData']));

 

It seems to work fine, I'd just like to clarify I'm not missing anything.

 

Thanks!

Link to comment
Share on other sites
spacepoet Advanced Member

spacepoet

Posted
  • Author
Posted

Hi:

 

I'm sure magic_quotes is because whenever I use an apostrophe in a text field or textarea, a "slash" gets added.

 

But adding the "stripmagicslashes" like I did fixed it.

 

What you posted, can that be used as an included file - like a functions library - to remove slashes?

 

Thanks.

Link to comment
Share on other sites
AbraCadaver Newbie

AbraCadaver

Posted
Posted

Hi:

 

I'm sure magic_quotes is because whenever I use an apostrophe in a text field or textarea, a "slash" gets added.

 

But adding the "stripmagicslashes" like I did fixed it.

 

What you posted, can that be used as an included file - like a functions library - to remove slashes?

 

Thanks.

 

This is useful if you are on shared hosting, may move hosts and/or distribute your app to others.  If so, then yes it could be part of an include that you use to initialize your app.

 

If you have and always will have control of your server settings then this isn't needed.

Link to comment
Share on other sites
spacepoet Advanced Member

spacepoet

Posted
  • Author
Posted

I believe I just answered my own question:

 

include('../include/myCodeLib.php');

 

myCodeLib.php

<?php

//STRIP SLASHES
if(get_magic_quotes_gpc()) {
   $_POST = array_map('stripslashes', $_POST);
}

?>

 

 

Page.php

if ($_SERVER['REQUEST_METHOD'] == 'POST')
{

$myTitle = mysql_real_escape_string($_POST['myTitle']);
$myDesc = mysql_real_escape_string($_POST['myDesc']);
$myHeader = mysql_real_escape_string($_POST['myHeader']);
$mySubHeader = mysql_real_escape_string($_POST['mySubHeader']);
$myPageData = mysql_real_escape_string($_POST['myPageData']);

 

Seems to work just fine!

 

Thanks for the tip!

 

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.