PHP Form Post Question

pinchepunk

This question may be very simple but as I have not been able to find the answer anywhere, I thought I would ask. I am a beginner to PHP and creating forms to transfer data using the POST method. According to the text I am reading PHP will automatically escape data in transit when handling html forms.

For example, if someone were to enter the message I think that "programming" is cool. into a TEXTAREA, the resulting message on following web page should read exactly the same with the quotations and all, but my result is that it will include the PHP formatting in the new web page and read as I think that \"programming\" is cool.

Am I doing something wrong or is this an error in the text? If so, is there a way around this? I plan on creating a web page where people can leave comments and they may use special characters such as quotation marks or hypens in their messages and I certainly don't want the backslashes showing up in the messages when they are posted.

Thanks!!!

danielson2k

I believe you need to disable "magic_quotes_gpc" in php.ini

pinchepunk

I was just checking that and it is on. Is there a way for me to edit the php.ini file or do I have to ask my host to do that. Also, will this effect anything else?

dalecosp

Yes, this is a magic quotes issue.

No, if you're with a host, they're probably not going change the entire system for just one customer.

I could go on, but this'd be easier, and a good habit to get into before you get into storing stuff in a db:

echo stripslashes($yourtext);

pinchepunk

Got it! Thanks!!!

danielson2k

You can use ini_set to turn off magic_quotes temporarily, or you can use stripslashes to remove the slashes.

Magicquotes only affects incoming GET/POST/Cookie data, so disabling it won't affect anything else.