I wrote a program kind of like a guest book. The problem is whenever someone inputs a " or ' or any other weird symbol like that, it writes it into a file, and then reads the whole guest book out of the file in a weird fashion. it outputs every " and ' as \" and \' and ... well you get my point, do you have any idea why backslashes are read out of the file if no one even wrote them. I don't know if it helps, but i used a new element i never used before called
htmlentities
i thought it had something to do with it, but deleting it didn't fix the problem either. If someone has some ideas it would be greatly appriciated :D
[web] PHP
http://en.wikipedia.org/wiki/Escape_character
Some characters are special. In code " means beginning or end of a string. To actually get a " character, you need to type \" so the program knows that you mean the quote character, not the symbol that means the beginning or end of a string. Either the user's browser or your code is auto-escaping the characters for you.
-me
Some characters are special. In code " means beginning or end of a string. To actually get a " character, you need to type \" so the program knows that you mean the quote character, not the symbol that means the beginning or end of a string. Either the user's browser or your code is auto-escaping the characters for you.
-me
You probably have magic quotes enabled. Disabling it will probably fix your problem. To get rid of the slashes in the existing files, you can use the stripslashes function.
Remember to escape every input you get. If you write it to a text file there should be no problem (propably). But it is also necessary to escape the data you show to your visitor.
htmlentities
addslashes
removeslashes
when you use a database for example mysql you also need to escape the data that goes into the database. Look at mysql_real_escape_string or use prepared statements (highly recommended).
htmlentities
addslashes
removeslashes
when you use a database for example mysql you also need to escape the data that goes into the database. Look at mysql_real_escape_string or use prepared statements (highly recommended).
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement