Automatic masking in PHP when using FORMS/POST

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I have the following problem. I am transferring SQL code using a form:

echo "<form action=\"myfile.php\" method=\"POST\">";
echo "<input type=\"submit\" name=\"SubmitSelectedView\" value=\"...\"

Everything works fine, I am using the following code in myfile.php:


Problem is that PHP is automatic masking the content. When sending

ProjectName like 'Test%'

I am receiving

ProjectName like \'Test%\'

What goes wrong? Do I have to change the transfer mode? I tried to work
with htmlspecialchars_decode() or entity_decode(), but this does not help.



Re: Automatic masking in PHP when using FORMS/POST

Matthias Braun escribió:
Quoted text here. Click to load it

If you thing carefully, you'll notice that the back-slash character
doesn't have any special meaning in HTML.

You're suffering from a good old "feature" called "Magic quotes" that's
disabled by default in modern PHP releases. Here's all the info you need:

-- - Álvaro G. Vicario - Burgos, Spain
-- Mi sitio sobre programación web:
-- Mi web de humor al baño María:

Site Timeline