Hi All,
I cannot turn off magic quotes, since I am just leasing space from a hosting
company, and they determine the magic_quotes settings. I realize in
retrospect that using a .htaccess file to turn magic quotes would probably
be better, and I am going to switch to that solution, but I am still trying
to figure out what is causing my current problem:
I am using the following code to automatically strip out any slashes that
were added automagically by gpc_magic_quote s:
$_POST = array_stripslas hes($_POST);
// Takes the passed array, and strips and escaping slashes out of
any strings in the array.
// This is a recursive function capable of handling multidimensiona l
arrays
function array_stripslas hes($data)
{
do{
$pair = each($data); // Get the next key-value
pair from the array
if($pair === false)
break;
$key = $pair[0]; // This is just for
readability
$val = $pair[1];
if(is_array($va l))
$val = Utility::array_ stripslashes($v al);
elseif(is_strin g($val))
$val = stripslashes($v al);
$data[$key] = $val;
}while(true);
return $data;
}
Now, I test it several times and it appears to be working fine. But, I just
got an error report from a user, with agent "Mozilla/4.0 (compatible; MSIE
5.0; CS 2000 6.0; Windows 98; DigExt)", and when they clicked on a submit
button, all the POST data was lost. Interestingly enough,
$GLOBALS['HTTP_RAW_POST_ DATA'] was populated with all the form fields I
would have expected to be in $_POST (although raw, of course, not parsed
into variables).
Is my code broken? Or is this a bug in PHP? Or what?
Sincerely,
-Josh
I cannot turn off magic quotes, since I am just leasing space from a hosting
company, and they determine the magic_quotes settings. I realize in
retrospect that using a .htaccess file to turn magic quotes would probably
be better, and I am going to switch to that solution, but I am still trying
to figure out what is causing my current problem:
I am using the following code to automatically strip out any slashes that
were added automagically by gpc_magic_quote s:
$_POST = array_stripslas hes($_POST);
// Takes the passed array, and strips and escaping slashes out of
any strings in the array.
// This is a recursive function capable of handling multidimensiona l
arrays
function array_stripslas hes($data)
{
do{
$pair = each($data); // Get the next key-value
pair from the array
if($pair === false)
break;
$key = $pair[0]; // This is just for
readability
$val = $pair[1];
if(is_array($va l))
$val = Utility::array_ stripslashes($v al);
elseif(is_strin g($val))
$val = stripslashes($v al);
$data[$key] = $val;
}while(true);
return $data;
}
Now, I test it several times and it appears to be working fine. But, I just
got an error report from a user, with agent "Mozilla/4.0 (compatible; MSIE
5.0; CS 2000 6.0; Windows 98; DigExt)", and when they clicked on a submit
button, all the POST data was lost. Interestingly enough,
$GLOBALS['HTTP_RAW_POST_ DATA'] was populated with all the form fields I
would have expected to be in $_POST (although raw, of course, not parsed
into variables).
Is my code broken? Or is this a bug in PHP? Or what?
Sincerely,
-Josh