tags:

views:

75

answers:

4
+3  Q: 

How to remove \ before quotes in a input form

Hi when I post something on my site and use quotations in it I get something like this

\"

What do I need to do to my code to fix this?

+3  A: 

It’s probably Magic Quotes that’s causing this behavior. Try to disable them or remove them with stripslashes.

Gumbo  2010-01-05 08:20:25
Thanksphp_flag magic_quotes_gpc Off in the .htaccess file did fix it!
AskaGamer  2010-01-05 08:23:29
You didn't think to google "php remove slashes"? It's the first link... it even mentions "magic quotes" in the PHP.net documentation. Everything is there at your fingertips...
Mark  2010-01-05 08:28:32
Hi Mark, I enjoy using stackoverflow so I figure why not ask and continue to support SO.
AskaGamer  2010-01-05 08:31:41
No - don't use stripslashes except as a LAST resort.Magic quotes are deprecated and have never worked properly. The right way to solve this is to remove the magic_quotes settings from the php.ini (and other places where these values can be set).C.
symcbean  2010-01-05 14:17:42
+1  A: 

This is due to the PHP setting magic_quotes_gpc which is a mess to work with. You can use stripslashes to take away the slashes, but then the code won't work if the magic_quotes_gpc setting is off. Something like this will probably solve it for you:

<?php
$string = $_POST['msg'];
if(get_magic_quotes_gpc()) {
  $string = stripslashes($string);
}
?>

Or remove them altogether (this will work both with and without magic_quotes_gpc, good for the times when you can't change the server configuration):

<?php
if(get_magic_quotes_gpc()) {
  foreach(array('_POST', '_GET', '_COOKIE') as $gpc) {
    foreach($$gpc as $k => $v) {
      ${$gpc}[$k] = stripslashes($v);
    }
  }
}
?>
Emil Vikström  2010-01-05 08:22:26
+1 For providing code :)
AntonioCS  2010-01-05 09:07:05
A: 

You will need to use Stripslashes() to get it to output without them. Default about it is here

http://au.php.net/manual/en/function.stripslashes.php

kwhohasamullet  2010-01-05 08:23:11
A: 

Be sure to check whether it is the Magic quotes using the value of magic_quotes_gpc(). Use stripslashes on all values and read something about XSS. stripslashes() alone is not enough security.

When outputting the form values, make sure to format them properly, check out htmlspecialchars(), mysql_real_escape_string() or, if you use PDO, the quote() function.

Ralf MC  2010-01-05 08:24:52

related questions

Autosizing Textarea
Regular expression for parsing links from a webpage?
What are good tools for creating compiled HTML help files (.chm)?
Looking for WYSIWYG HTML editor
Any reason not to start using the HTML 5 doctype?
HTML comments break down
HTML Comments Markup
Setting a div's height in HTML with CSS
Wrapping lists into columns
Is a "Confirm Email" input good practice when user changes email address?
<XMP> Tag
HTML version choice
Options for HTML scraping?
How do you disable browser Autocomplete on web form field / input tag?
How do I make a checkbox toggle from clicking on the text label as well?
Html CSS Editor
Wordpress theme development offline tools
How do I give my web sites an icon for iPhone?
In HTML, how to word-break on a dash?
Detecting font in JavaScript
How do you test layout design across multiple browsers/OSs?
How do I print an HTML document from a web service?
Multiple submit buttons on a HTML form
How can I determine a web user's time zone?
Why doesn't the percentage width child in absolutely positioned parent work in IE7?