Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 236
  • Last Modified:

how do i add stripslashes to this piece of code in php/mysql application

how do i add the get_magic_quotes_gpc()==1 to the attached code so it will remove the slashes that are in my db.  I was able to do this for another section of the code and it works, but i can't figure out how to add it to the array_push and else statement in the code that is attached.

//$R[$row['R_NUMBER']]['ANSWER'][$row['Q_ID']]=$row['TEXT'];
                $R[$row['R_NUMBER']]['ANSWER'][$row['Q_ID']]= ((get_magic_quotes_gpc()==1)?stripslashes($row['TEXT']):$row['TEXT']);

function getRequest($requestNumber,$answerTable='ANSWER')
{
	global $db;
 
	$sql = "SELECT * FROM " . $answerTable ." WHERE R_NUMBER='".$requestNumber."' ORDER BY Q_ID";
 
	$result = mysql_query($sql,$db) or die("ERROR: " . mysql_error());
 
	while ( $row = mysql_fetch_assoc($result) )
	{
		if (preg_match("/\[\]$/", $row['Q_ID']))	//If there is a [] in the ID, it is an array
		{
			preg_match("/([^\[]+)\[\]/", $row['Q_ID'], $matches);	//Split the ID into the number and the []
			$arrayname = $matches[1];
 
			if (!is_array($answer[$arrayname]))
			{
				$answer[$arrayname]=array();
			}
 
			array_push($answer[$arrayname],preg_replace("/<br>/",$cr,$row['TEXT']));
		} else
		{
			$answer[$row['Q_ID']] = preg_replace("/<br>/",$cr, $row['TEXT']);
		}
	}

Open in new window

0
justmelat
Asked:
justmelat
  • 2
  • 2
1 Solution
 
Steve BinkCommented:
I'm assuming it is $row['TEXT'] you want to strip:
on getRequest($requestNumber,$answerTable='ANSWER')
{
        global $db;
 
        $sql = "SELECT * FROM " . $answerTable ." WHERE R_NUMBER='".$requestNumber."' ORDER BY Q_ID";
 
        $result = mysql_query($sql,$db) or die("ERROR: " . mysql_error());
 
        while ( $row = mysql_fetch_assoc($result) )
        {
                $text_to_add =  ((get_magic_quotes_gpc()==1)?stripslashes($row['TEXT']):$row['TEXT']);
                if (preg_match("/\[\]$/", $row['Q_ID']))        //If there is a [] in the ID, it is an array
                {
                        preg_match("/([^\[]+)\[\]/", $row['Q_ID'], $matches);   //Split the ID into the number and the []
                        $arrayname = $matches[1];
 
                        if (!is_array($answer[$arrayname]))
                        {
                                $answer[$arrayname]=array();
                        }
 
                        array_push($answer[$arrayname],preg_replace("/<br>/",$cr,$text_to_add));
                } else
                {
                        $answer[$row['Q_ID']] = preg_replace("/<br>/",$cr, $text_to_add);
                }
        }

Open in new window

0
 
Ray PaseurCommented:
Hmm... Yet another compelling argument for atomic, instead of combined, coding!

;-)

Best to all, ~Ray
0
 
justmelatAuthor Commented:
Hi routinet:  i tried your solution, but still get the slashes, that then can't be removed.  the only solution was to remove the addslashes.  i don't know what has gone wrong with the new server upgrade, but it has everything off now.
0
 
justmelatAuthor Commented:
just didn't work for my application
0
 
Steve BinkCommented:
>>> tried your solution, but still get the slashes, that then can't be removed

Were you trying to use this to cleanse existing data already in a database?  That's not what addslashes() does.  This function's purpose is to escape data before adding it to a database.
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now