"Adam Richardson" <simpleshot@xxxxxxxxx> wrote in message news:AANLkTin_9_tFe9q+dC2HoYNSAVCCOYUEcuDkqd9198nW@xxxxxxxxxxxxxxxxx > On Tue, Nov 16, 2010 at 10:10 PM, Gary <gpaul@xxxxxxxxxxxxxxxx> wrote: > >> I was doing a test of stripslashes on a $_POST, when I recieved the >> email, >> all of the slashes were still in the data posted. >> >> I used : >> >> $fname = stripslashes($_POST['fname']); >> >> I input G\\a//r\y\\, and was expecting, according to the manuel >> G\a//r*y\, >> but got the original spelling. >> > > In this case, you should get the original, if I'm understanding correctly. > Think of it like a basic math problem: > > Step 1: Happens automatically when you submit the form and PHP receives > the > form variables > input + slashes = slashed_input > > Step 2: This happens when you call stripslashes. > slashed_input - slashes = input > > The goal of stripslashes is that it will undo what happened automatically > using magic_quotes_gpc (which essentially calls addslashes on the GPC vars > behind the scenes) so you'll end up with the original input. > > So, working through your example: > > 1. You inputted into a form G\\a//r\y\\ and submitted the form. > 2. PHP received G\\a//r\y\\ and added slashes (G\\\\a//r\\y\\\\). > 3. You called stripslashes (G\\a//r\y\\). > > > > >> >> I added: >> >> echo stripslashes($fname); and did get the expected result on the page, >> but >> not in the email from the $_POST. >> > > Here, you called stripslashes on something already stripped once, so you > now > have a new value (G\a//ry\). > > >> >> I also tried >> >> $fname = (stripslashes($_POST['fname'])); >> > > This would be no different than your attempt without enclosing > parentheses. > > Now, let me just say that I detest magic_quotes, and it's best to run with > them disabled so you don't even have to worry about this kind of issue > (they've been deprecated.) But, perhaps you were just trying to learn > about > some piece of legacy code. > > Hope the explanation helps, Gary. > > Adam > > -- > Nephtali: PHP web framework that functions beautifully > http://nephtaliproject.com > Adam Thanks for your reply. So if I disable magic_quotes, and I assume I can do that a script, then the stripslashes would work as the manuel said it would, meaning G\\a//r\y\\ becomes G\a//r'y\ I also assume that until php 6 is out and or I upgrade to it, I will have to deal with magic_quotes? Thank you for your help. Gary __________ Information from ESET Smart Security, version of virus signature database 5627 (20101117) __________ The message was checked by ESET Smart Security. http://www.eset.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
