PHP Post value without adding slashes

Question

I have this PHP code that contacts an external API

$arr = array(
        "domain_name" => $_POST["domain"],
       "auto_renew" => false,
       "domain_lock" => false,
       "whois_privacy" => false, 
       "contact_registrant_id" => $_POST["registrant_contact"], 
       "contact_admin_id" => $_POST["admin_contact"], 
       "contact_tech_id" => $_POST["tech_contact"], 
       "contact_billing_id" => $_POST["billing_contact"], 
       "auth_code" =>($_POST["auth_code"])
    );

The value I am posting for $_POST["auth_code"] is l&"IkM%Wbjjq7

However, when it posts this value, its being posted as l&\\\"IkM%Wbjjq7

So its adding the slashes, which is causing a problem.

check this link http://stackoverflow.com/questions/6339145/how-to-remove-multiple-slashes-in-uri-with-preg-or-htaccess — satish kilari, Aug 02 '16 at 05:40
even you can you can use stripslashes(). http://www.w3schools.com/php/func_string_stripslashes.asp — satish kilari, Aug 02 '16 at 05:42

score 1 · Answer 1 · answered Aug 02 '16 at 05:48

1

it may help you. The "magic_quotes_gpc" might be on.You can disable it in php.ini.

magic_quotes_gpc = Off 

OR 

$str = $_POST["auth_code"];
echo get_magic_quotes_gpc() ? stripslashes($str) : $str;

OR 

echo stripslashes($str);

answered Aug 02 '16 at 05:48

Sunil kumar

761
5
15

this is currently disabled – charlie Aug 02 '16 at 05:56

score 0 · Answer 2 · edited May 23 '17 at 11:51

This is probably due to magic quotes. See https://stackoverflow.com/a/517027/4275413 and http://php.net/manual/de/security.magicquotes.disabling.php for further details (second link official way to "disable" them).

This once was a good idea to protect the user (read the coder) from himself, when inserting stuff into the database or some other place, by adding escaping by default, which of course ruins almost every script not expecting it.

PHP Post value without adding slashes

2 Answers2