Hi Max,
I was just building a new form for my own website where I have some free-form textarea fields and I found that the Autogenerated code needed to have addslashes() to save correctly if there were any special characters in the field - in this case apostrophes in words like didn't.
I changed the Autogenerated code to read "'".addslashes($_POST['textarea_1'])."' ," and the form now works well.
Bob
PS I expected to have to add stripslashes for the data display but that seems fine.
Jooomla 1.0.13 with magic_quotes_gpc OFF
I was just building a new form for my own website where I have some free-form textarea fields and I found that the Autogenerated code needed to have addslashes() to save correctly if there were any special characters in the field - in this case apostrophes in words like didn't.
I changed the Autogenerated code to read "'".addslashes($_POST['textarea_1'])."' ," and the form now works well.
Bob
PS I expected to have to add stripslashes for the data display but that seems fine.
Jooomla 1.0.13 with magic_quotes_gpc OFF
Hi Bob,
Could you please take a screenshot for the data which was coming from those fields in both the email and the data view pages at the admin ? please get them in screenshot because it may not look the same if you just pasted them here😉
I will examine this issue and hopefully we will have a fix🙂
Thanks!!
Max
Could you please take a screenshot for the data which was coming from those fields in both the email and the data view pages at the admin ? please get them in screenshot because it may not look the same if you just pasted them here😉
I will examine this issue and hopefully we will have a fix🙂
Thanks!!
Max
Hi Max,
Attached is the best I can do. I added some debug code to display the SQL statement from the AutoGenerated code. There are two data fields here after 'Testing'. The first is just the $_POST data, the second has addslashes added.
If I paste this SQL into PHPMyAdmin it fails because of the unescaped single quotes in the $_POST data.
Bob
Attached is the best I can do. I added some debug code to display the SQL statement from the AutoGenerated code. There are two data fields here after 'Testing'. The first is just the $_POST data, the second has addslashes added.
If I paste this SQL into PHPMyAdmin it fails because of the unescaped single quotes in the $_POST data.
Bob
Hi Bob,
Thank you, I got it, I will develop some way to check for magic quotes and add the addslashes if necessary then🙂
Sincerely,
Max
Thank you, I got it, I will develop some way to check for magic quotes and add the addslashes if necessary then🙂
Sincerely,
Max
This topic is locked and no more replies can be posted.
