Menu
I have a 3rd party server which has a classic ASP page which takes in form data. From my web page I have a PHP script which sends fields to the ASP page using curl. Everything works fine except if a user includes an apostrophe character to the text. In the back end it is received as "\'". What is even odder is that it only does this from my hosted website. When I test locally it works fine.
Here is the PHP snippet which sends the data:
$datatopost = array ();
foreach($_POST as $key => $data) {
$datatopost[$key] = $data;
}
$ch = curl_init("http://my.server.com/validate.asp");
curl_setopt($ch, CURLOPT_POST,1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $datatopost);
$result = curl_exec($ch);
268
You probably need to disable Magic Quotes in that particular server: http://php.net/manual/en/security.magicquotes.php
Furthermore, you could add this code to the top of your scripts (better yet, in a library you include in each page) so no matter the enviroment, you'll always get the magic quotes reversed:
<?php
if (get_magic_quotes_gpc()) {
function stripslashes_deep($value)
{
$value = is_array($value) ?
array_map('stripslashes_deep', $value) :
stripslashes($value);
return $value;
}
$_POST = array_map('stripslashes_deep', $_POST);
$_GET = array_map('stripslashes_deep', $_GET);
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
$_REQUEST = array_map('stripslashes_deep', $_REQUEST);
}
?>
Taken from http://php.net/manual/en/security.magicquotes.disabling.php
144
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
