Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Filling a form with values...getting \" 1

Status
Not open for further replies.
RZillmer

RZillmer

Programmer
Nov 20, 2001
42
US
I have a submission form that has two buttons, preview and submit. When you preview the text written in, it appends the \ escape character before quotation marks. More previewing, more \.

I know if I monkeyed with it I could probably get it myself, but I was wondering if anyone else has encountered this problem and could give me a quick fix. Thanks
 
Sort by date Sort by votes
It's not a bug. It's a feature. It's the setting of the runtime configuration directive "magic_quotes_gpc". If that directive is set to "on", you'll get that.

You can either turn it off by changing the runtime directive, or use stripslashes() ( on your strings. ______________________________________________________________________
TANSTAAFL!
 
Upvote 0 Downvote
Yeah, I kinda figured it was supposed to happen.

I'm trying stripslashes and what I want it to do is flat out not working.

I have a page that on first load displays a form for submitting information. You have two options: submitting the info or previewing it. When I preview, the information is displayed as webpage. This part is displaying correctly now with stripslashes. Under the preview display, though, I put the submission form, filled in with the submitted values for editing and then submission or another preview. These I'm still having a problem with. An example of my code for displaying the form is this:

<INPUT name=&quot;title&quot; type=&quot;text&quot; size=&quot;50&quot; value=&quot;<?php print(stripslashes($title));?>&quot;><BR><BR>

If I enter [This is a &quot;test&quot;] in the input box and hit preview, the box is then populated with [This is a]

When I change the code to:

<INPUT name=&quot;title&quot; type=&quot;text&quot; size=&quot;50&quot; value=&quot;<?php print($title);?>&quot;><BR><BR>

I get [This is a \]

 
Upvote 0 Downvote
It's not a stripslashes() problem. Your browser is having a problem with the quotes.

Try this:
Code: 
<?php

print '
<html><body><form method=post action='.$PHP_SELF.'>
<input name=&quot;foo&quot;';

if (array_key_exists(&quot;foo&quot;, $_POST))
{
	print ' value=&quot;' . htmlentities(stripslashes($_POST['foo'])) . '&quot;';
}

print '><input type=submit></form></body></html>';

?>
______________________________________________________________________
TANSTAAFL!
 
Upvote 0 Downvote
Thanks! That works...now I just have to understand it because I refuse to just copy/paste without comprehending it.

Thanks again!
 
Upvote 0 Downvote
If you tell your browser

<input type=text value=&quot;he said, \&quot;foo!\&quot;.&quot;>

we and PHP are assuming that the two escaped quotes are part of the string and that the two unescaped strings delineate the string itself.

Your browser is thinking that the string begins at the first quote and ends at the second, and ignores the backslashes. So in my example above, the page would show [he said, \&quot;] as the value of the input. If you use stripslashes, the HTML code would be

<input type=text value=&quot;he said, &quot;foo!&quot;.&quot;>

so your browser would show the value as [he said, ].


Here's what's happening to your string in the code example in my previous post. Assume I input the text, [he said, &quot;foo!&quot;].

At the beginning of the script's run, the value of $_POST['foo'] is set to [he said, \&quot;foo!\&quot;]. the stripslashes function changes that to [he said, &quot;foo!&quot;]. The htmlentities function changes that to [he said, [ignore]&[/ignore]quote;foo![ignore]&[/ignore]quote;], which displays correctly. (HTML entity tags are hard to get write in Tek-Tips. That result of the last transformation should read [he said, *ampersand*quot*semicolon*foo!**ampersand*quot*semicolon*])

You can either store that last version of the text in your database or reverse the entity tag changes. See the section on get_html_translation_table() ( for more information. ______________________________________________________________________
TANSTAAFL!
 
Upvote 0 Downvote
Thanks a ton! Today I had found out about the &-quot-; and was worried I'd have to make some kind of search and replace function.

You pointed me to stripslashes() and htmlentities(), two functions I'm pretty sure I wouldn't have found on my own. Thanks again...my page is now working perfectly.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

lexer
  • Locked
  • Question
Fetching Data from Mysql and filling Inputs in a Form
Replies
0
Views
148
lexer
lexer
P
  • Locked
  • Question
JPgraph - How to stop a line graph from dropping to zero?
Replies
2
Views
367
Chris Miller
Chris Miller
EdLentz
  • Locked
  • Question
I need a simple example of how to send a table of info .
Replies
8
Views
409
EdLentz
EdLentz
Gerrit Broekhuis
  • Locked
  • Question
PHP form with captcha and file upload
Replies
4
Views
202
Gerrit Broekhuis
Gerrit Broekhuis
Kennelbloke
  • Locked
  • Question
Returning PostCode to Form field 1
Replies
3
Views
192
Kennelbloke
Kennelbloke

Part and Inventory Search

Sponsor

Back
Top