DarkElf Posted February 23, 2006 Share Posted February 23, 2006 I'm building a simple content managment system fo my website. The website is basically a template page which defines all the headers, footers and borders for the website and then the specific html content of each page is stored in a txt file which is added to the template using include. The CMS opens these txt files and loads their content into a textarea in which I can modify the code, then it uses fwrite to write the code back to the file when you submit it.It's very very basic and has several holes (for instance if the page you are modifying also contains a textarea the whole thing goes squewiff ) but most of which aren't major problems and I can fix them myself. It's not intended to be super clever anyway, it simply allows me to modify the html of my pages online without having to use an ftp client to upload every little change.The problem I don't understand is that when it writes the file is adds a backslash (\) to every occurence of ". e.g. the original file contains the code <p class="main">, this is also what appears in the text area when it is loaded into it (using fgets and echo statements), however when it writes back to the file using fwrite it writes <p class=\"main\">, which obviously messes up the page! I assume that the php does this to escape the " symbol which would otherwise cause problems in the script, but why does it do it by itself without my instructing it to? and is there a way round my problem? Link to comment Share on other sites More sharing options...
hacknsack Posted February 23, 2006 Share Posted February 23, 2006 You are a victim of magic quotes.You can use stripslashes() on the string and everything will work out.-hs Link to comment Share on other sites More sharing options...
DarkElf Posted February 23, 2006 Author Share Posted February 23, 2006 ah, I see. I've managed to disable magic quotes by putting a line in the htaccess file, so I can avoid using stripslashes, though I may add the stripslashes line at some point to make the code more portable. Cheers for that. Link to comment Share on other sites More sharing options...
hacknsack Posted February 23, 2006 Share Posted February 23, 2006 Would you mind posting the htaccess file.That sounds like a pretty clean solution, especially if it can be made directory specific.-hs Link to comment Share on other sites More sharing options...
DarkElf Posted February 24, 2006 Author Share Posted February 24, 2006 You just add the line: php_flag magic_quotes_gpc off to the htaccess file.It's clean but it does mean that if you are moving the page to another location or server you have to ensure that you remember to update the new htaccess file (assuming magicquotes is a problem at the new location). If you use the stripslashes line its not as clean but makes the code more portable as you needn't have to worry about remembering to do this. Link to comment Share on other sites More sharing options...
hacknsack Posted February 24, 2006 Share Posted February 24, 2006 Appreciate the tip, -hs Link to comment Share on other sites More sharing options...
StupidRalph Posted February 26, 2006 Share Posted February 26, 2006 Even still magic quotes will be removed completely in PHP 6. Link to comment Share on other sites More sharing options...
homoeopathy80 Posted March 2, 2006 Share Posted March 2, 2006 Why will it be removed completely in PHP 6? I thought it is required for database. Even still magic quotes will be removed completely in PHP 6.<{POST_SNAPBACK}> Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now