Wrox Programmer Forums
|
BOOK: Beginning PHP4/PHP 5 ISBN: 978-0-7645-4364-7; v5 ISBN: 978-0-7645-5783-5
This is the forum to discuss the Wrox book Beginning PHP4 by Wankyu Choi, Allan Kent, Chris Lea, Ganesh Prasad, Chris Ullman; ISBN: 9780764543647
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: Beginning PHP4/PHP 5 ISBN: 978-0-7645-4364-7; v5 ISBN: 978-0-7645-5783-5 section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old June 8th, 2004, 11:09 AM
Registered User
  
Join Date: Jun 2004
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via AIM to kellenjb
Default Chapter 10 Editor Problems
In chapter ten on the editor script when ever I have either a “ or a ‘ in the script it adds a / before the “ or ‘. I tried to find what is causing this but have had no luck. I know the script is copied correctly because I downloaded the script and got the same problem.
Thanks
 
Old June 8th, 2004, 06:21 PM
richard.york's Avatar
Wrox Author
  
Join Date: Jun 2003
Posts: 1,706
Thanks: 0
Thanked 6 Times in 6 Posts
Default
The forward slashes are added to all data that comes into a PHP script from outside sources. This prevents a malicious user from running DB quries or executing script directly from your form input fields. This is called the magic_quotes_gpc directive. gpc stands for GET, POST and COOKIE, the three methods of outside input.

To get rid of the slashes you have to run stripslashes() on the data before outputting it for display, but not before storing in a DB, as this would allow the vulnerability I just mentioned.

http://www.php.net/stripslashes
http://www.php.net/addslashes

Regards,
Rich

::::::::::::::::::::::::::::::::::::::::::
The Spicy Peanut Project
http://www.spicypeanut.net
::::::::::::::::::::::::::::::::::::::::::
 
Old June 8th, 2004, 08:07 PM
Registered User
  
Join Date: Jun 2004
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via AIM to kellenjb
Default
How could I get this to work when I am editing a full page? The part I have most problems with is:

<p class="date">May 12</p><p class="content">etc<p>

and it changes it to

<p class=/"date/">May 12</p><p class=/"content/">etc<p>

I know richard has the problems found and knows how to fix it, I just can't get it to work with what im doing.
 
Old June 8th, 2004, 08:14 PM
Friend of Wrox
  
Join Date: Nov 2003
Posts: 1,285
Thanks: 0
Thanked 2 Times in 2 Posts
Default
My guess is that you're doing it something like this:

echo "<p class='" . $date . "'>May 12</p><p class='" . $content . "'>etc</p>";

Try this instead:

$date = stripslashes($date);
$content = stripslashes($content);
echo "<p class='" . $date . "'>May 12</p><p class='" . $content . "'>etc</p>";

HTH,

Snib

<><
 
Old June 8th, 2004, 08:16 PM
richard.york's Avatar
Wrox Author
  
Join Date: Jun 2003
Posts: 1,706
Thanks: 0
Thanked 6 Times in 6 Posts
Default
Ok, sorry I misspelled the function...it's stripslashes not strip_slashes.

Right, if you're editing a page of content, as in a textarea or something like that you can strip out the slashes by putting the variable containing the content through stripslashes.

echo stripslashes($_POST['content']);

Now your HTML source won't have the forward slashes in the source.

Regards,
Rich

::::::::::::::::::::::::::::::::::::::::::
The Spicy Peanut Project
http://www.spicypeanut.net
::::::::::::::::::::::::::::::::::::::::::





Similar Threads
Thread Thread Starter Forum Replies Last Post
Problems with the editor example in ch 10 arne Beginning PHP 4 August 21st, 2004 02:24 PM
Chapter 10 editor.php Tachyon BOOK: Beginning PHP4/PHP 5 ISBN: 978-0-7645-4364-7; v5 ISBN: 978-0-7645-5783-5 2 March 17th, 2004 10:37 PM
Beginning php 4 chapter 10 problems dakey Beginning PHP 3 February 13th, 2004 06:21 PM
Editor problems with 2003 Jerry VS.NET 2002/2003 0 July 5th, 2003 08:54 PM
Beginning php 4 chapter 10 problems ade Beginning PHP 2 June 19th, 2003 02:43 PM




Contact Us - Wrox - Privacy Statement - Top

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.