Help with php forms

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
nickk
Forum Newbie
Posts: 7
Joined: Sun Feb 12, 2006 9:56 am

Help with php forms

Post by nickk »

Hi,

Im building a project that allows someone to add, edit, and delete a certain entry. Now this entry has all different types of characters, so ', /, \, etc. Im having problems with this. When I add an entry, i use the addslashes function, and when I display/edit them I use the strip slashes function, allthough this doesnt allways work. For example, when I make a new entry that looks like this: c:\oij'\/\
it comes out looking like this: c:oij'/ and then when I edit it again, it looks like this: c:\oij

Can someone please help me with these types of characters
User avatar
nickman013
Forum Regular
Posts: 764
Joined: Sun Aug 14, 2005 12:02 am
Location: Long Island, New York

Post by nickman013 »

nickk
Forum Newbie
Posts: 7
Joined: Sun Feb 12, 2006 9:56 am

Post by nickk »

how does this solve my problem?
User avatar
nickman013
Forum Regular
Posts: 764
Joined: Sun Aug 14, 2005 12:02 am
Location: Long Island, New York

Post by nickman013 »

Code: Select all

$noslashes = str_replace("\", "", $stringtoreplace);
nickk
Forum Newbie
Posts: 7
Joined: Sun Feb 12, 2006 9:56 am

Post by nickk »

the problem is all these characters get added to the database, but when i try to view them or edit them that some of them dont show up, etc. and if i replace them with nothing, how do i put trhese characters back, because they are needed
matthijs
DevNet Master
Posts: 3360
Joined: Thu Oct 06, 2005 3:57 pm

Post by matthijs »

when magic_quotes is enabled, slashes are added automaticly. You don't want that so
- check for the setting of magic_quotes_gpc
- if enabled use stripslashes to get rid of the added slashes
- else do nothing
- then if you output the data to a database use mysql_real_escape_string() (in case of an mysql database) to escape 'dangerous/unwanted' characters

Now all data is in the db as wanted, without any redundant slashes.
d3ad1ysp0rk
Forum Donator
Posts: 1661
Joined: Mon Oct 20, 2003 8:31 pm
Location: Maine, USA

Post by d3ad1ysp0rk »

In theory, this should be true:

Code: Select all

<?php
$string = "C:\directory\file.jpg";

$safeString  = addslashes($string);
$printableString = stripslashes($safeString);

echo "safeString = " . $safeString . "<br/>";
// safeString = C:\\directory\\file.jpg

echo "printableString = " . $printableString . "<br/>";
//printableString = C:\directory\file.jpg
?>
And when tested on my system, it does just that.

It must be something with your code, whether it's the order you put the functions, or maybe that you forgot to use add/stripslashes after/before editing?
Post Reply