2

Is there a way to prevent JSON-data sent via a form to be escaped with slashes when retrieved with PHP?

I know how to remove slashes, but why is it even escaped? Can I prevent it? If I post json-data via ajax there is no slashes added.

Magic Quotes is not active, so that is not the problem.

To clarify, my problem is not how to json_decode or how to stripslashes. I want to know why my json data get slashes added to it when it is posted as a textarea. And if there is a way to to prevent it.

HTML:

<form method="POST">
  <textarea name="data">[{"id":85210094,"quantity":1}]</textarea>
  <input type="submit" value="POST">
</form>

PHP:

<?php
if($_POST['data']) {
  echo '<pre>';
  var_dump($_POST['data']); // string(34) "[{\"id\":85210094,\"quantity\":1}]"
  var_dump(json_decode($_POST['data'], true)); // NULL
  var_dump(json_decode(stripslashes($_POST['data']), true)); // array(1) { [0]=> array(2) { ["id"]=> int(85210094) ["quantity"]=> int(1) } }
  echo '</pre>';
}
?>
lejahmie
  • 17,938
  • 16
  • 54
  • 77
  • 1
    You could have magic_quotes on, refer this answer : http://stackoverflow.com/questions/2496455/why-are-post-variables-getting-escaped-in-php – ziggrat Jun 02 '15 at 07:38
  • `var_dump(get_magic_quotes_gpc()); // bool(false)` – lejahmie Jun 02 '15 at 07:56
  • Are you running any other software? Wordpress and similar things are known to proactively escape `$_POST`... – deceze Jun 02 '15 at 08:33
  • It is a hard coded normal form, as seen in question. Nothing more nothing less. It might be the case that POSTed forms always add slashes to quotes when received via PHP, I do not know, hence the question. If I check the console, the data do not have added slashes to it in the form data and request header. – lejahmie Jun 02 '15 at 10:35

0 Answers0