I have been struggling with this for a while now, somehow JQuery is escaping the quotes on the text, that’s ok, but when the string is shown to the user I want to be shown as the user wrote it, here is the simplified code:
Test.PHP
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title></title>
<meta http-equiv="content-type" content="text/html;charset=utf-8" />
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.8.1/jquery.min.js"></script>
</head>
<body>
<form id="testform" action="testoutput.php" method="post">
<input type="text" name="data" id="data" />
<input type="submit" />
</form>
<div name="output" id="output"><b>The Output</b></div>
<script>
$(document).ready(function() {
$('#testform').submit(function () {
$data = $('#data').val();
$.ajax({
url: 'testoutput.php',
type: 'POST',
data: "data=" + $data,
success: function(response) {
$('#output').html(response);
}
});
return false;
});
});
</script>
</body>
</html>
testoutput.php
<?php
$data = $_POST['data'];
echo $data;
?>
Now, if in the form I write something like “Ok” the output will show \”Ok\” I had trying things like:
$data = escape($('#data').val());
in order to avoid the quotes even being there when the request is sent, but somehow the ajax request is also escaping that, am I missing something here?
I don’t mind the escaping, but why is JQuery doing this, why is this encode/decode/escape stuff happening in the background?
stripslashesis probably the tool you need, but make sure you TEST for magic quotes being on before removing slashes.If you ever transport your code to a new system that has a different config, then you’ll have a heck of a time tracking it down..
http://php.net/manual/en/function.get-magic-quotes-gpc.php