[Xerte] Re: latex/stripslashes/magic quotes etc
David Goodwin
david at palepurple.co.uk
Tue Jan 22 09:36:39 GMT 2013
If magic quotes are enabled, then PHP will call addslashes on all user supplied input (e.g. $_POST['filedata']);
If magic quotes are turned off, the stripslashes will presumably break things.
Having stripslashes there is going to cause issues - as some sites/servers will have magic quotes turned on, others will have it turned off.
The code should do something like :
if(get_magic_quotes_gpc()) {
$_POST['filedata'] = stripslashes($_POST['filedata']);
}
See : http://uk1.php.net/get_magic_quotes_gpc
David.
On 22 Jan 2013, at 01:30, "Pat @ Pgogy" <xerte at pgogywebstuff.com> wrote:
> The reason the stripslashes is in there is because without that the file used to break and every speech mark was prefixed with a slash
>
> I don't know if anything has changed with this in php, but I'd be surprised.
>
> I would track the tex requests in console to see what is being sent
>
> Pgogy Webstuff - http://www.pgogywebstuff.com
> Makers of web things of a fair to middling quality
>
> On 21 Jan 2013, at 22:02, Paul Swanson <Paul.Swanson at harlandfs.com> wrote:
>
>> I think you might be safe, but Pat may be the only one who could really answer that.
>>
Pale Purple Ltd. (Company No: 5580814)
'Web and Mobile Application Development for Business'
http://www.palepurple.co.uk
Office: 0845 0046746 Mobile: 07792380669
Follow us on Twitter: @PalePurpleLtd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nottingham.ac.uk/pipermail/xerte/attachments/20130122/acba36e9/attachment-0001.html>
More information about the Xerte
mailing list