help - beginner trying to echo textarea

Question

tmaniacco 0 Newbie Poster

14 Years Ago

This is my first website so please be kind.

My form in my index.php has method="post" action="mailer.php"

in my mailer.php I have the following code which I had hoped would take care of single and double quotes which may be entered into the message textarea

$message = $_POST;
$message = str_replace(array("\r\n","\r","\n")," ",$message);
$message = stripslashes($message);

Back in my index.php I echo $_POST but when it echos the message it has slashes in the message area e.g. don't becomes don\'t. How do I get rid of those?

php

3 Contributors
5 Replies
79 Views
8 Hours Discussion Span
Latest Post 14 Years Ago Latest Post by cwarn23

Phil++ 31 Posting Whiz in Training

14 Years Ago

Hey,

You should really put any code you post in tags.

[half asleep, sorry]

Edited 14 Years Ago by Phil++ because: n/a

Phil++ 31 Posting Whiz in Training

14 Years Ago

Hey, sorry I was half asleep lol :(!

It seems your problem is down to this:

$message = $_POST['message']; 
$message = str_replace(array("\r\n","\r","\n")," ",$message);
$message = stripslashes($message);

Should be:

$message = $_POST['message'];
$display_message = stripslashes($message);
echo $display_message; // instead of 'message'

hope this helps!

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

tmaniacco 0 Newbie Poster · Answer 1 · 2010-03-25T08:11:42+00:00

Hi Phil,
You should really put any code you post in tags.
But use stripslashes instead. http://php.net/manual/en/function.stripslashes.php

If by tages you mean <?php echo $_POST ?>

this is exactly what is in my index.php

and in my mailer I use stripslashes but it is not giving me the expected result.

tmaniacco 0 Newbie Poster · Answer 2 · 2010-03-25T09:11:19+00:00

Hey, sorry I was half asleep lol :(!

It seems your problem is down to this:

$message = $_POST['message']; 
$message = str_replace(array("\r\n","\r","\n")," ",$message);
$message = stripslashes($message);

Should be:

$message = $_POST['message'];
$display_message = stripslashes($message);
echo $display_message; // instead of 'message'

hope this helps!

Why do I need to use another variable $display_message?

cwarn23 387 Occupation: Genius Team Colleague Featured Poster · Answer 3 · 2010-03-25T10:25:37+00:00

Why do I need to use another variable $display_message?

You don't and would be wiser not to. You should always use stripslashes on $_POST and so below is a faster executing example.

$message = stripslashes($_POST['message']);
echo $message;

Of course you could try the below but there is no guarantee of maintaining the new data.

$_POST['message']= stripslashes($_POST['message']);
echo $_POST['message'];

As for the cause behind all of this the problem is magic quotes. magic quotes is an option in the php.ini file which automatically escapes quotes so that $_POST data is more secure for mysql query's when a user doesn't use the mysql_real_escape_string() function. So to avoid this annoying feature you have two options. Disable it in the php.ini file or the better option is just to use the stripslashes function.