Is this bug of PHP? Help me!!

[itsource]

My code has one textarea and submit button. When type text in textarea and submit, the text is display on the screen and old text is still in textarea. The problem is when type \ or ' first when submit the \ is duplicate to \\ when submit again will get \\\\ and double .............

I type only one \ and submit many time, the result is I have many \ in text area . Is this bug. Can I correct this?

Here is my code

PHP Code:

<HTML>
<HEAD>
<TITLE> New Document </TITLE>
<LINK REL=STYLESHEET TYPE="text/css" HREF="../general.css">
</HEAD>
<BODY BGCOLOR="#FFFFFF">


<form method=post action="<? echo $PHP_SELF; ?>">
<textarea name=text cols=80 rows=10><? echo $text; ?></textarea><br>
<input type=submit>
<? $text = nl2br(htmlspecialchars($text)); ?>
</form>

<?
print "<br>$text"; //nl2br
?>

</BODY>
</HTML>

[seanf]

No, it is not a bug it is because magic_quotes_gpc is on. You can change it in php.ini

Sean

[freddydoesphp]

Alternatively you can just use

PHP Code:

<textarea name=text cols=80 rows=10><? echo stripslahes($text); ?></textarea><br>

instead of

PHP Code:

<textarea name=text cols=80 rows=10><? echo $text; ?></textarea><br>

[itsource]

Thanks seanf and freddydoesphp for reply.

1. The method of seanf has work. No problem. But I don't know what is magic_quotes_gpc is mean. Can you explain me?


The method of freddydoesphp still has problem. althoungt I try to addslashes and stripslashes later.

if magic_quotes_gpc = off
when only stripslashes

PHP Code:

<textarea name=text cols=80 rows=10><? echo stripslahes($text); ?></textarea><br>

if I type \\\\ and submit the result show \\\\ but old text in textarea ramain \\
when I addslashes and stripslashes If I type \\\\ and submit the result show \\\\\\\\ and old text in textarea remain \\


if magic_quotes_gpc = on
if only stripslashes when type x (\) the result is show 2x(\)
if addslashes and stripslash when type x(\) the result is show 4x(\)

2. If I want to use addslash and stripslash how can I prevent this problem?

[timnz]

Can't quite see what you are getting at, but what magic_quotes_gpc does, in this case, is always add an extra \ to any characters that could cause a problem, in this case, the backslash (\).

If magic_quotes_gpc is off, then it is a good idea to do this manually, what you do is run addslashes() before you play with any of the text, and stripslashes() to pull the extra \ off any characters that could cause a problem, in this case, it is the \, before you print it out.

[freddydoesphp]

Okay if you already have slashes in your data then yes my way won't work its only going to pull the slash off that the magic_quotes_gpc tacks on, if there are already some in there it isn't going to change anything. You need to start with fresh data without slashes.

[DR_LaRRY_PEpPeR]

i understand what he means. he doesn't want to use stripslashes if magic_quotes is on. use this:

PHP Code:

if (get_magic_quotes_gpc())
{
    $txt = stripslashes($txt);
}