Welcome to Geeklog, Anonymous Monday, December 23 2024 @ 12:38 am EST

Geeklog Forums

gpc_magic_quotes


Status: offline

exaurdon

Forum User
Regular Poster
Registered: 08/13/03
Posts: 107
This post is primarily directed toward members of the development team. I am just curious if any provision exxists in geeklog to handle the case of uses who do not have the gpc_magic_quotes option turned on. I have not noticed any provision in the code for this possiblitiy.

I have noticed that most code seems to call addslashes before storing values in a database, and stripslashes when reading from the DB. This generally works very well. However, if gpc_magic_quotes is disabled, then it appears that users cannot place a backslashes in any field using the add/strip slashes. (As long as a backslash does not need to be placed, it works fine) here is why I think this happens:
Text Formatted Code

Example:
you want to put:  \"hello\" into a field (including the backslashes)

1. - Form submission
 With gpc_magic_quotes on: this becomes \\\"hello\\\"
With gpc_magic_quotes off: this becomes \"hello\" (no change)

2. - Add slashes
With gpc_magic_quotes on: this becomes \\\\\\\"hello\\\\\\\"
With gpc_magic_quotes off: this becomes \\\"hello\\\"

3. - DB Insertion
 - (Escaped chars are translated to normal chars)
In the database you end up with:
quotes on: \\\"Hello\\\"
quotes off: \"Hello\"

4. - Strip slashes
With gpc_magic_quotes on: you get \"hello\"
With gpc_magic_quotes off: this becomes "hello"

 

With quotes off, you lost the slashes.... As I mentioned, this isn't a terribly huge deal right now, since most fields don't need backslashes in them, but maybe in Geeklog 2 this would be something to address. It could be handled reasonably easily throught eh $_REQUEST variable (especially since register_globals will no longer be assumed)

I'm posting this primarily in case anyone else is having similar problems with backslashes in fields.

Alex~
P.S. Sorry for a very long post...
 Quote

All times are EST. The time is now 12:38 am.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content