php strip apostrophes

Posted on 2006-11-15
Medium Priority
Last Modified: 2009-12-16
Is there a way to put something above a file to strip '  from all forms and then be able to use the HTTP_POST_VARS later on?
Question by:jackjohnson44
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
LVL 19

Expert Comment

ID: 17949912
Yes, but I strongly suspect there's a more direct way of solving the problem you're facing.  What IS the original problem you're facing?

Meanwhile, this will do what you've asked:

function inexplicably_remove_single_quotes(/* string */ $s) {
    return str_replace("'", '', $s);

$_POST = array_map($_POST, $s);

(Though I've here used the more up-to-date $_POST you could do the same thing with $HTTP_POST_VARS if necessary.)
LVL 19

Expert Comment

ID: 17949933
Heh, no that won't; that won't do anything at all.  THIS would do it:

$_POST = array_map($_POST, 'inexplicably-remove_single_quotes');

Expert Comment

ID: 17951706
Are you familiar with addslashes()?  This will escape all your quotes.  
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

LVL 19

Expert Comment

ID: 17951720
Well, the way to handle quotes depends on where they're going.  If into a MySQL database then mysql_real_escape_string() would be more appropriate.  If into an HTML page then htmlentities() would be more appropriate.  addslashes() is a generic way of escaping, but often isn't the right way.

Author Comment

ID: 17966165
I am posting the page back to itself, and the form repopulates.
If it posts back and it has a quote, it will keep putting slashes in the text box.
I totally want to turn them off and if I need them I can add them myself.
Is there a way to turn it off?
LVL 19

Expert Comment

ID: 17966207
Yes, it's an option in php.ini -- see http://www.php.net/manual/en/security.magicquotes.disabling.php

If you're on a server where you can't control php.ini, the code I posted is a workaround: it just takes the slashes back out after PHP adds them.  It's annoying, yes, but once you've done it the effect is as though PHP never poked its head into it in the first place.

Author Comment

ID: 17966262
Is this what you are talking about?
$_POST = array_map($_POST, 'inexplicably-remove_single_quotes');

Can I just put it in an include file?

What does this mean: inexplicably-remove_single_quotes

Does this do anything to: HTTP_POST_VARS?

This is what I want to change.

LVL 19

Accepted Solution

VoteyDisciple earned 2000 total points
ID: 17966397
Wait, wait, that's not quite right: you don't want to remove QUOTES, you want (and this sounds like a much more reasonable plan to me) to just remove ESCAPING of quotes.

For that just use stripslashes().

$HTTP_POST_VARS = array_map($HTTP_POST_VARS, 'stripslashes');

The inexplicably_remove_single_quotes (see my first comment for the definition of that function) actually removed the QUOTES, which is what you first asked.  To just undo the escaping all you need is the built-in stripslashes function.

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this. Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it i…
3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question