Back Home

Open Designs

Community. Driven.

Designer Talk: Again PHP help needed

Bottom of Page

1 to 7 of 7

  1.  
    • CommentAuthorwfiedler
    • CommentTimeApr 9th 2008 edited by wfiedler on the 09th April 2008 at 10:25:00 EDT
     
    Hi PHP gurus,

    I'm just making a really small CMS for a client with a small PHP script and markitup (a markup editor).

    Preview (Administration Area)

    It works everything fine, but after saving I have these strange slashes.

    Example:

    <a href=\\\"http://www.yoursite.com\\\">Your text to link...</a>

    <img src=\"upload/image_01.jpg\" alt=\"Image\" />

    I know it has something to do with stripslashes, but I have again no idea to get rid of them,

    The PHP code of the CMS:

    <?php
    $CPATH="../content/";

    function file_list($dir) {
    if (is_dir($dir)) {
    $fd = @opendir($dir);
    while (($part = @readdir($fd)) == true) {
    clearstatcache();
    if ($part != "." && $part != "..") {
    if (!is_dir($part)) {
    $file_array[] = $part;
    }
    }
    }
    if ($fd == true) {
    closedir($fd);
    }
    if (is_array($file_array)) {
    natsort($file_array);
    return $file_array;
    } else {
    return $file_array = NULL;
    }
    } else {
    return false;
    }
    }

    $FL=file_list($CPATH);

    if($_POST["select"] && $_POST["Submit"]=="Load") {
    //Readfile
    $text=file_get_contents($CPATH.$_POST["select"]);
    }

    if($_POST["editing"] && $_POST["textfield"] && $_POST["Submit"]=="Update") {
    //Write file
    $filename = $CPATH.$_POST["editing"];
    $text=$_POST["textfield"];
    $fp = fopen ($filename, "w");
    fwrite($fp, $text);
    fclose($fp);
    }

    if($_POST["editing"] && $_POST["textfield"] && $_POST["Submit"]=="Backup") {
    //Write file
    $filename = "../backup/".$_POST["editing"];
    $text=$_POST["textfield"];
    $fp = fopen ($filename, "w");
    fwrite($fp, $text);
    fclose($fp);
    }

    if($_POST["editing"] && $_POST["Submit"]=="Restore") {
    //Write file
    $text=file_get_contents("../backup/".$_POST["editing"]);
    }

    ?>

    Bob or somebody else - any idea?

    When I'm ready I will give out the CMS for free. It's really simple and neat and based on .txt files.

    Thanks in advance!

    Wolfram
  2.  
    What is probably happening is that magic quotes gpc is on, which basically runs addslashes on everything that is being submitted automatically. Before you store data to the file, just run stripslashes on it.
  3.  
    Another quick note, if you are trying to make this code portable, so that it works on any server, you will actually need to check magic quotes, and only stripslashes if it's on. Otherwise, if magic quotes are off and a user purposely types \" or \' etc, the slashes would be removed. If magic quotes are on, those change into \\\" and \\\' and after stripslashes they go back to \" and \'
    • CommentAuthorwfiedler
    • CommentTimeApr 9th 2008 edited by wfiedler on the 09th April 2008 at 11:49:03 EDT
     
    Thanks Aaron,

    but what actually do I have to do to make the code working on every server? I'm a little bit confused and a miserable PHP programmer. Any idea?
    • CommentAuthorwfiedler
    • CommentTimeApr 9th 2008 edited by wfiedler on the 09th April 2008 at 12:08:45 EDT
     
    Ok, I found the solution:

    if (get_magic_quotes_gpc()) {$_REQUEST = array_map('stripslashes', $_REQUEST); $_GET = array_map('stripslashes', $_GET); $_POST = array_map('stripslashes', $_POST); $_COOKIE = array_map('stripslashes', $_COOKIE); }

    Now it works...tongue
  6.  
    Lol, that's overkill, but it does work. Wherever you do:$text=$_POST["textfield"];Add this just before it:
    if (get_magic_quotes_gpc()) {
    $_POST["textfield"] = stripslashes($_POST["textfield"]);
    }
    • CommentAuthorwfiedler
    • CommentTimeApr 9th 2008
     
    Yupp! Tried it and works like a charm! Thanks a lot Aaron!

    This community rocks!

    bakiebakiebakiebakiebakie

1 to 7 of 7

  1.