Page 1 of 1

Two small questions

Posted: Sat Jan 17, 2004 1:18 pm
by joetheeskimo5
1. How can I prvent PHP from automatically escaping text submitted through a form? Whenever PHP came to a ' symbol, it would automatically escape it. I don't want this because the text entered into the form is going to be displayed on the web page, and I don't want it do say "I''m" or "You''re".

2. How can I use the echo() function and then once it's displayed the text to save the file? To be more clear, I have a form. The user enters their username and comments. When they submit, they're brought to a page called comments.php, and they'll see their username and comments displayed on that page. I know how to do all that. What I'd like is for it to display their form info, and then save it to the file, so when someone else comes along, they'll see their info PLUS the first user's info.

I hope I was clear enough. :? Thanks in advance for your help.

Joe

Posted: Sat Jan 17, 2004 1:22 pm
by Straterra
Use stripslashes(). I will remove all of the escaping.

Posted: Sat Jan 17, 2004 1:31 pm
by phpcoder
Just put all info in to database and make user name primary key , so when user visit next time u can fetch all info from database thro username .

Posted: Sat Jan 17, 2004 1:48 pm
by joetheeskimo5
Staterra: Where should I put the stripslashes() function? before the echo() function?

phpcoder: Ehm....I didn't quoite understanmd that; could you explain how to do that?

Posted: Sat Jan 17, 2004 1:51 pm
by Straterra
stripslashes($_POST['blabla']);

Posted: Sat Jan 17, 2004 1:59 pm
by phpcoder
Whenever you want to save any info for later use or for any other purpose there are two ways of doing one is by creating database and save all info in tables and other is creating files but later one is not recommanded, coz very difficult to search and update etc so best is to use database . As far as i understand ur que i think u wanna save user info .

Posted: Sat Jan 17, 2004 2:02 pm
by vigge89
first, when you submit the form, add slashes (with addslashes($string) ).
and then when you want to remove the slashes, just use stripslashes($string)...

Posted: Sat Jan 17, 2004 2:12 pm
by Straterra
Why would you want to add the slashes when PHP automatically escapes the characters?

Posted: Sat Jan 17, 2004 2:17 pm
by DuFF
If you do run addslashes on it, watch out:

From PHP.net
The PHP directive magic_quotes_gpc is on by default, and it essentially runs addslashes() on all GET, POST, and COOKIE data. Do not use addslashes() on strings that have already been escaped with magic_quotes_gpc as you'll then do double escaping. The function get_magic_quotes_gpc() may come in handy for checking this.

Posted: Sat Jan 17, 2004 2:22 pm
by joetheeskimo5
Alright, I understand now. Thanks everyone for your help.

btw, I'm using stripslashes not addslashes, so no need to worry...

Joe