[Xerte] Re: latex/stripslashes/magic quotes etc

Paul Swanson Paul.Swanson at harlandfs.com
Mon Jan 21 17:48:12 GMT 2013


On my php applications, I use the following function before saving any data to the database:

// function for escaping and trimming form data
function escape_data ($data) {
    global $dbc;
    if (ini_get ('magic_quotes_gpc')) {
        $data = stripslashes ($data);
   }
    return mysql_real_escape_string (trim ($data), $dbc);
} // end of escape_data() function

It checks to see if magic_quotes_gpc is on, and if so, employs the stripslashes function, since magic_quotes adds slashes. If magic_quotes isn't on, it skips the stripslashes function. This function ensures that either configuration is handled.

$dbc in the function is the database connection resource variable.

Paul Swanson
Internal Business Systems Analyst
Internal Business Intelligence
Harland Financial Solutions
(800) 274-7280 Ext. 2462
Paul.Swanson at harlandfs.com

From: xerte-bounces at lists.nottingham.ac.uk [mailto:xerte-bounces at lists.nottingham.ac.uk] On Behalf Of Ron Mitchell
Sent: Monday, January 21, 2013 9:04 AM
To: 'Xerte discussion list'
Subject: [Xerte] latex/stripslashes/magic quotes etc

Hi all
this has been discussed previously but in different threads and I decided it would be worth summarising and checking this in a new thread...

In previous discussions it's clear that depending on php configuration previewing and/or publishing was/is stripping slashes to the point that latex code had all slashes removed and therefore didn't work. There was a suggestion of using ini_set( 'magic_quotes_gpc', true ); in save.php but it's not clear if that resolved the issue.

I have an installation (linux) where this is happening so as a test I turned on magic_quotes_gpc server wide but that hasn't resolved the issue. Also I read that magic quotes has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.

So what's the solution to this? Why is it working ok on the Nottingham install but not for me and others? Or is it?

Cheers
Ron


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nottingham.ac.uk/pipermail/xerte/attachments/20130121/5d6fb2bc/attachment-0001.html>


More information about the Xerte mailing list