Stripping out Slashes

When you enter quotes, PHP will esape them using the backslash character. You want to keep the data as it's originaly entered.

Use stripslashes() to remove backslahes from the raw data passed from the form. 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="EN" lang="EN">
<head>
<title>PHP</title>
<meta Name="Author" Content="Hann So">
</head>
<body>
<p>
<?php
function display_form() {
echo <<<HTML
<form action = "$_SERVER[SCRIPT_NAME]" method="post">
Comment: <textarea name="comment" rows="5" cols="50">
"Hello World!"
</textarea><br />
<input type="submit" value="submit" />
</form>
HTML;
}

// Make sure that the comment field exists
if (isset($_POST['comment'])) {
	echo 'The comment was: ', $_POST['comment'], '<br />';
	echo 'The comment was: ', stripslashes($_POST['comment']), '<br />';
}
else {
	display_form();
}
?>
</p>
</body>
</html>

View the effect


Forms | Introduction | Creating a Form | Superglobals | Processing Form Input | Required Fields | Numbers | Drop-Down Menus | Radio Buttons | Checkboxes | Periods in Their Names | Preventing Cross-Site Scripting | Stripping out Slashes | Redirecting the User | Server Information | Determining Browser Type | Sticky Forms
© 2008: Hann So
email: hso@voyager.deanza.edu