Magic Quotes in Action Now lets make a simple form processor to show how

what is magic code ?

Question Posted / karthi

4 Answers
10911 Views
eVenturers, iFlash, Zynga, I also Faced
E-Mail Answers

Answer Posted / karthi

Magic Quotes in Action

Now lets make a simple form processor to show how machines
with magic quotes enabled will escape those potentially
risky characters. This form submits to itself, so you only
need to make one file, "magic-quotes.php" to test it out.
magic-quotes.php Code:
<?php
echo "Altered Text: ".$_POST['question'];
?>

<form method='post'>
Question: <input type='text' name='question'/><br />
<input type='submit'>

</form>

This simple form will display to you what magic quotes is
doing. If you were to enter and submit the string: Sandy
said, "It's a beautiful day outside and I like to use \'s."
You would receive the following output.
Display:
Altered Text: Sandy said, \"It\'s a beautiful day outside
and I like to use \\\'s.\"
Question:

Magic quotes did a number on that string, didn't it? Notice
that there is a backslash before all of those risky
characters we talked about earlier. After magic quotes:
A backslash \ becomes \\
A quote ' becomes \'
A double-quote " becomes \"

Now say that you wanted to remove the escaping that magic
quotes puts in, you have two options: disable magic quotes
or strip the backslashes magic quotes adds.
Removing Backslashes - stripslashes()

Before you use PHP's backslash removal function
stripslashes it's smart to add some magic quote checking
like our "Are They Enabled?" section above. This way you
won't accidentally be removing slashes that are legitimate
in the future if your PHP's magic quotes setting changes in
the future.
magic-quotes.php Code:
<?php
echo "Removed Slashes: ";
// Remove those slashes
if(get_magic_quotes_gpc())
echo stripslashes($_POST['question']);
else
echo $_POST['question'];

?>

<form method='post'>
Question: <input type='text' name='question'/><br />
<input type='submit'>

</form>

Our new output for our string containing risky characters
would now be:
Display:
Removed Slashes: Sandy said, "It's a beautiful day outside
and I like to use \'s."
Question:

Is This Answer Correct ?

4 Yes

1 No

Post New Answer View All Answers

Please Help Members By Posting Answers For Below Questions

How to track no of user logged in?

627

What is fetch array in php?

573

What do you use php for?

530

Is it worth learning php in 2019?

519

How can you execute php script from the command line?

545

What are some new features introduced in php7?

8374

Is php strongly typed?

605

What is the purpose of the '.myd' file extension? What do thes file contain?

535

What is inheritance in php?

572

How to invoke a user function?

547

What is the difference between mysql_fetch_array() and mysql_fetch_assoc()?

518

What is properties of class?

587

Is it more secure to use cookies to transfer session ids?

532

What is null value in php?

565

Why php 7 is faster?

509