|
|
Posted by Michael Fesser on 07/24/07 11:10
..oO(Sergei Riaguzov)
>Well then I will ask a lamer question, what is the best way to deal with
>situation when you have a textarea in a form and some text in some other
>place on the page, and everything which is written in the form is send to
>the same page via POST to the same textarea which produces slashes?
Slashes are produced by magic quotes, an old and absolutely broken
concept. Thankfully it will be removed in PHP 6. But for now you have to
call get_magic_quotes_gpc() to check if MQs are enabled. If that's the
case, call stripslashes() on the POST or GET values to get the raw data.
That's what you should always work with.
Then, when printing something out to an HTML page again, run it through
htmlspecialchars() to take care of these special chars that might break
your HTML (<, & and ").
Micha
Navigation:
[Reply to this message]
|