Welcome to Geeklog, Anonymous Sunday, December 22 2024 @ 07:21 pm EST
Geeklog Forums
Static pages removing slashes on save.
Jay
Anonymous
I'm trying to use the userlogin4root static page. Problem is, everytime I hit save, it removes all the slashes from the code.
Example.
I put this in
. "<form action=\"{$_CONF['site_url']}/staticpages/index.php?page=userlogin4root\" method=\"post\">"
. "Username: <input type=\"text\" name=\"username\" value=\"\"> "
. "<input type=\"submit\">";
And when I hit save, it converts all that to this
. "<form action="{$_CONF['site_url']}/staticpages/index.php?page=userlogin4root" method="post">"
. "Username: <input type="text" name="username" value=""> "
. "<input type="submit">";
which, in turn, makes the static page blank.
Refer to this thread for more examples and everything I've done so far. I'm not sure if this is a glitch in geeklog, a setting, or something on my server(?).
Any information is appreciated. Thanks
Example.
I put this in
Text Formatted Code
. "<form action=\"{$_CONF['site_url']}/staticpages/index.php?page=userlogin4root\" method=\"post\">"
. "Username: <input type=\"text\" name=\"username\" value=\"\"> "
. "<input type=\"submit\">";
And when I hit save, it converts all that to this
Text Formatted Code
. "<form action="{$_CONF['site_url']}/staticpages/index.php?page=userlogin4root" method="post">"
. "Username: <input type="text" name="username" value=""> "
. "<input type="submit">";
which, in turn, makes the static page blank.
Refer to this thread for more examples and everything I've done so far. I'm not sure if this is a glitch in geeklog, a setting, or something on my server(?).
Any information is appreciated. Thanks
15
13
Quote
Jay
Anonymous
I just checked the table in mySQL and the slashes show up there. No clue what is going on..
16
17
Quote
tokyoahead
Anonymous
then it seems they get removed on display instead on save.
15
20
Quote
Jay
Anonymous
So does that mean they're still there, I just don't see them when I'm in the edit screen, or is it removing them when running the script too?
18
19
Quote
tokyoahead
Anonymous
it seems that they are removed when you run the script, since it does not work :-)
but you can check when you run the script by looking at the page's sourcecode.
Oliver
but you can check when you run the script by looking at the page's sourcecode.
Oliver
18
15
Quote
Jay
Anonymous
I checked the sourcecode and it's not showing anything at all. It's removing all the code it seems.
20
15
Quote
tokyoahead
Anonymous
that soudns strange however.
If the code is correctly in the database but does not show up at all except a blak in the website, then you should check your server errorlog for details.
also a URL would help so I can take a look at the output.
If the code is correctly in the database but does not show up at all except a blak in the website, then you should check your server errorlog for details.
also a URL would help so I can take a look at the output.
15
16
Quote
Jay
Anonymous
Error log says something about upgrading the Zend Optimizer.
I guess I should have looked there first. The URL is being PM'ed to you. The site's not launched yet, so I don't want any stray links.
I guess I should have looked there first. The URL is being PM'ed to you. The site's not launched yet, so I don't want any stray links.
19
12
Quote
Status: offline
Jay
Forum User
Junior
Registered: 02/14/07
Posts: 16
Location:Beverly, MA
Alright, I contacted my host, and they upgraded my Zend Optimizer. The error for the static pages comes up as this in the error logs
PHP Parse error: syntax error, unexpected '{' in /my root directory/plugins/staticpages/functions.inc(841) : eval()'d code on line 14
I leave carnage in my wake.
PHP Parse error: syntax error, unexpected '{' in /my root directory/plugins/staticpages/functions.inc(841) : eval()'d code on line 14
I leave carnage in my wake.
21
13
Quote
tokyoahead
Anonymous
Well please post here which line is the 14th in your code. Since you cut some part of the instructions I cannot know.
13
10
Quote
Status: offline
Jay
Forum User
Junior
Registered: 02/14/07
Posts: 16
Location:Beverly, MA
Of the code in the static page, it's
which is the first line that uses the slashes, so I assume it's still stripping the slashes when it processes the code, which is why it's kicking up the error.
I leave carnage in my wake.
Text Formatted Code
. "<form action=\"{$_CONF['site_url']}/staticpages/index.php?page=userlogin4root\" method=\"post\">"which is the first line that uses the slashes, so I assume it's still stripping the slashes when it processes the code, which is why it's kicking up the error.
I leave carnage in my wake.
18
14
Quote
tokyoahead
Anonymous
Yeah pretty much so. What yu can do is remove all the slashes and take the variables out with quotes and concatenate.
But its definetely not normal that you have the slashes stripped.
Did you do a blank install or an upgrade to 1.4.1? Are you sure you have the 1.4.1 version of the files? the file in question here is /public_html/staticpags/index.php
But its definetely not normal that you have the slashes stripped.
Did you do a blank install or an upgrade to 1.4.1? Are you sure you have the 1.4.1 version of the files? the file in question here is /public_html/staticpags/index.php
22
15
Quote
Status: offline
Jay
Forum User
Junior
Registered: 02/14/07
Posts: 16
Location:Beverly, MA
Fresh install of 1.4.1.
I was reading about this feature of php called stripslashes. Here's a description from one of the sites
So it's, what I assume, a built in feature of php that is removing the slashes automatically. I'll ask a buddy of mine who is putting the site together about it. He knows more of the inner workings than I do.
I leave carnage in my wake.
I was reading about this feature of php called stripslashes. Here's a description from one of the sites
addslashes/stripslashes
These two functions tie in very closely with magic quotes. Magic quotes simply applies addslashes to user input and stripslashes removes those slashes. Again, my gripe with these functions is that there is no point! The strings that you get as a result of addslashes are still unsafe for use in any SQL query because they haven't been escaped with a database-specific escape function such as mysql_real_escape_string.
As with magic quotes, any use of these two functions is often a coding error. The one exception is if for some reason you cannot disable magic quotes using .htaccess as above, in which case you could use stripslashes on all the user input to de-mangle the user input.
These two functions tie in very closely with magic quotes. Magic quotes simply applies addslashes to user input and stripslashes removes those slashes. Again, my gripe with these functions is that there is no point! The strings that you get as a result of addslashes are still unsafe for use in any SQL query because they haven't been escaped with a database-specific escape function such as mysql_real_escape_string.
As with magic quotes, any use of these two functions is often a coding error. The one exception is if for some reason you cannot disable magic quotes using .htaccess as above, in which case you could use stripslashes on all the user input to de-mangle the user input.
So it's, what I assume, a built in feature of php that is removing the slashes automatically. I'll ask a buddy of mine who is putting the site together about it. He knows more of the inner workings than I do.
I leave carnage in my wake.
15
13
Quote
Status: offline
Jay
Forum User
Junior
Registered: 02/14/07
Posts: 16
Location:Beverly, MA
ha, wow. Ok, so, using the logic behind stripslashes, I thought "hey, let's try doubling the slashes in the script". So I did, and everything seems to be working flawlessly now.
Thank you for all the help.
I guess if anyone else runs into this problem, there's your answer! haha.
Thanks again,
Jay
I leave carnage in my wake.
Thank you for all the help.
I guess if anyone else runs into this problem, there's your answer! haha.
Thanks again,
Jay
I leave carnage in my wake.
18
20
Quote
Status: offline
n4th4n
Forum User
Chatty
Registered: 07/21/03
Posts: 49
Location:NY, USA
@Jay: This was driving me insane! Thanks for posting the above info. After moving GL to a new server (with new Apache+PHP versions) suddenly I could no longer save a staticpage with backslashes to escape quotes. Using two is a good work around for now, but I'd rather be able to just paste in my code (which is kept in version control without these extra slashes of course).
Might somebody be able to explain whats happening here? Does anyone know how to disable this behavior just on the static pages maybe?
I'm on PHP Version 5.3.2-1ubuntu4.9
with the Suhosin Patch 0.9.9.1
Apache Version Apache/2.2.14 (Ubuntu) mod_php5
Might somebody be able to explain whats happening here? Does anyone know how to disable this behavior just on the static pages maybe?
I'm on PHP Version 5.3.2-1ubuntu4.9
with the Suhosin Patch 0.9.9.1
Apache Version Apache/2.2.14 (Ubuntu) mod_php5
17
11
Quote
Status: offline
veronicaZora
Forum User
Newbie
Registered: 01/09/12
Posts: 3
I am new to PHP so I am giving answer as per my knowledge. I think you have any other problem in your project may be in including header files etc.. So u check everything else than only seeing code..
13
11
Quote
All times are EST. The time is now 07:21 pm.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content