[Xerte] Re: latex/stripslashes/magic quotes etc

David Goodwin david at palepurple.co.uk
Tue Jan 22 09:36:39 GMT 2013

If magic quotes are enabled, then PHP will call addslashes on all user supplied input (e.g. $_POST['filedata']);

If magic quotes are turned off, the stripslashes will presumably break things.

Having stripslashes there is going to cause issues - as some sites/servers will have magic quotes turned on, others will have it turned off.

The code should do something like :

if(get_magic_quotes_gpc()) {
	$_POST['filedata'] = stripslashes($_POST['filedata']);

See : http://uk1.php.net/get_magic_quotes_gpc


On 22 Jan 2013, at 01:30, "Pat @ Pgogy" <xerte at pgogywebstuff.com> wrote:

> The reason the stripslashes is in there is because without that the file used to break and every speech mark was prefixed with a slash
> I don't know if anything has changed with this in php, but I'd be surprised.
> I would track the tex requests in console to see what is being sent
> Pgogy Webstuff - http://www.pgogywebstuff.com
> Makers of web things of a fair to middling quality
> On 21 Jan 2013, at 22:02, Paul Swanson <Paul.Swanson at harlandfs.com> wrote:
>> I think you might be safe, but Pat may be the only one who could really answer that.

Pale Purple Ltd.  (Company No: 5580814)
'Web and Mobile Application Development for Business'

Office: 0845 0046746     Mobile: 07792380669 

Follow us on Twitter: @PalePurpleLtd

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nottingham.ac.uk/pipermail/xerte/attachments/20130122/acba36e9/attachment-0001.html>

More information about the Xerte mailing list