On Sun, 2008-01-27 at 10:27 -0800, jekillen wrote: > Hello: > I have a form that has a textarea and I do not want to > disallow the use of single quote as apostrophe, or > for any other normal stylization. So I am using html > entities to change these characters into html entities. > But the function does not remove the escapes added > by the browser when sending the input. > Is there a special function in php for removing the \ escapes > as well? > My plan b would be to look for a similar function in javascript > and convert to html entities before the input is sent to the > server. > I want to screen for damaging code but do not want to > prevent legitimate use of punctuation. If the input in the > text field is then displayed as html (which it will be) I do > not want things like 'It\'s a nice day' showing up in the > html. Browser doesn't escape those quotes. You're PHP configuration has magic quotes enabled. See strip_slashes() if you must strip them. The preferable solution is to get rid of the magic quotes dependency but that's a longer topic and there's plenty on the net for you to read. Cheers, Rob. -- .------------------------------------------------------------. | InterJinn Application Framework - http://www.interjinn.com | :------------------------------------------------------------: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `------------------------------------------------------------' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
