On Fri, 2004-10-08 at 06:22 -0700, Sam Smith wrote:
> I swear I googled for an hour first.
>
>
> A user enters in a textarea field of FORM1.php:
> Bob is "high"
>
> Submitted to FROM2.php we get:
>
> Bob is \"high\"
>
> In a hidden field in FROM2.php we store the value: <type="hidden", value="<?
> echo stripslashes($_POST['textarea']); ?>> Value now Bob is "high"
>
> Then from FROM2.php we Submit BACK to FROM1.php and enter it back into the
> textarea field with:
> <type="textarea", value="<? echo $_POST['hidden']); ?>
>
> we have;
> Bob is
>
> Everything after the first double quote is clobbered.
>
> I can fix this by putting this in FORM2.php:
> $APParea1 = $_POST['textarea'];
> $APParea1 = str_replace("\"","[QT]",$APParea1);
>
> and then back by putting this in FORM1.php:
> $APParea1 = $_POST['hidden'];
> $APParea1 = str_replace("[QT]","\"",$APParea1);
>
> <type="textarea", value="<? echo $APParea1; ?>
>
>
> BUT THIS must have happened many times a long long time ago to many good
> people and some smart function was developed, right?
>
>
> Thanks
> stripslashes() addslashes() another option is to turn off magic quotes. -Robby -- /*************************************** * Robby Russell | Owner.Developer.Geek * PLANET ARGON | www.planetargon.com * Portland, OR | [EMAIL PROTECTED] * 503.351.4730 | blog.planetargon.com * PHP/PostgreSQL Hosting & Development ****************************************/
signature.asc
Description: This is a digitally signed message part
