Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
All,
There is a text area say
<input type="submit">
And if a user gives the input as,
here is my name and my mail id is "a@x.com"
And when the data is posted on the server side the data is received as
here is my name and my mail id is \”a@x.com\”
Backslash is added behind double quotes.Now how to encode the the data before submitting.I am using php on the server side..
Thanks.
this is magic_quotes_gpc kicking in – to remove it just disable it in php.ini or remove it using stripslashes($your_var);
though bear in mind that this is a (lousy) security feature of php, but when storing the data to a database you should use the respective escape functions to prevent sql injections anyway and when showing user-posted data your sanitizing function should prevent xss injections.