Page 1 of 1

Do I htmlencode?

Posted: Wed Jan 28, 2004 9:08 am
by Klaws_wolverine
Hello all,

I have a form, I collect the data, data is then being sent to an intermediate page and form data is kept inside hidden html tags.

Data is then sent to a Domino parser, problem is that whenever there are quotation marks "", the final output becomes a slash \.

Is this my fault, or is this a Domino issue? Do I have to htmlencode this field that contains a \ whenever there are quotation marks?

UPDATE: Ok, I used htmlspecialchars(), and it works a little better now. Before, all text ended at the slash. But now, text still continues, I see the quotation marks now, however... there are still slashes. So it's like: hello, my name is /"mk/". How do I get rid of these damn slashes?
$desc = htmlentities($description); and I also tried with ENT_Quotes

Please let me know, if so, a snippet of code would be apreciated!
Thanks
MK

Posted: Wed Jan 28, 2004 10:02 am
by McGruff
Could be magic_quotes_gpc. http://www.pinkgoblin.com/quotesarticle.php

You must htmlspecialchars before printing submitted data to a form field, but don't escape until you perform a db query.

encodding

Posted: Wed Jan 28, 2004 10:05 am
by Klaws_wolverine
Well, nothing goes to the db.
After all form data is sent to a domino parsing file, all data goes to someone's inbox.

It's in the inbox that I see the slashes. In order to see what was causing slashes, I found it was quotation marks, I put everything in the db as well as sent it to the inbox.

all is Ok in my db, but not in the inbox.

Posted: Wed Jan 28, 2004 10:11 am
by McGruff
Did that link I gave you help?

Posted: Wed Jan 28, 2004 7:28 pm
by spaace
Can you use urlencode() before you pass it.