Announcement

Collapse
No announcement yet.

escaping characters regardless of server's config?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • escaping characters regardless of server's config?

    Hi.

    I'm trying to develop a script for distribution, and need to have it insert information into a database....

    now, here's the question. Since it will be running on multiple servers with unknown php.ini configurations, I need to have it work (escape ",', etc.) regardless of the server's settings for magic_quotes_runtime and magic_quotes_gpc....

    Anyone have any ideas on the best way to do this? Specifics are always welcome lol...

    TYIA.

  • #2
    Before inserting: addslashes("text");

    After retrieval: stripslashes("text");

    Another function you can use is quotemeta();


    These are all documented in the PHP manual under string functions.
    Translations provided by Google.

    Wayne Luke
    The Rabid Badger - a vBulletin Cloud demonstration site.
    vBulletin 5 API

    Comment


    • #3
      Thanks....

      but won't the characters get double escaped if the server is automatically doing it?

      Comment


      • #4
        Not if you force it off like vBulletin does....

        PHP Code:
        // get rid of slashes in get / post / cookie data
        function stripslashesarray (&$arr) {
          while (list(
        $key,$val)=each($arr)) {
            if ((
        strtoupper($key)!=$key or "".intval($key)=="$key") and $key!="templatesused" and $key!="argc" and $key!="argv") {
              if (
        is_string($val)) {
                
        $arr[$key]=stripslashes($val);
              }
              if (
        is_array($val)) {
                
        $arr[$key]=stripslashesarray($val);
              }
            }
          }
          return 
        $arr;
        }


        if (
        get_magic_quotes_gpc() and is_array($GLOBALS)) {
          
        $GLOBALS=stripslashesarray($GLOBALS);
        }
        set_magic_quotes_runtime(0); 
        Translations provided by Google.

        Wayne Luke
        The Rabid Badger - a vBulletin Cloud demonstration site.
        vBulletin 5 API

        Comment

        widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
        Working...
        X