0

I am trying to remove the slashes from magic quotes from an array. So I have two functions, one is to remove the slashes, another is to set the variable.

// Strip slashes from an array.
function strip_magic_quotes($array)
{
    if (get_magic_quotes_gpc())
    {
        function stripslashes_array($array)
        {
            return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
        }
        return stripslashes_array($array);
    }
    return $array;
}

function set_variable($array = array(),$key,$params = array())
{
    # If $params is not an array, let's make it array with one value of former $params.
    if(!is_array($params)) $params = array($params);
    if(!is_array($array)) parse_str($array, $array);

    # Strip slashes from the array if get_magic_quotes_gpc is on.
    $array = strip_magic_quotes($array);

    # This will return true or false.
    if(in_array('boolean', $params)) return isset($array[$key]) ? true : false;

    # This will regard '0' as a string.
    # Return value or 0 as a string.
    elseif(in_array('0', $params)) return isset($array[$key]) && ($array[$key] == '0') ? trim($array[$key]) : null;

    # Return null as string if 'null_to_string' is set.
    elseif(in_array('null_to_string', $params)) return isset($array[$key]) && !empty($array[$key]) ? trim($array[$key]) : 'null';

    # Check if the key is an array.
    elseif(isset($array[$key]) && !empty($array[$key]) && is_array($array[$key])) return isset($array[$key]) && !empty($array[$key]) ? $array[$key] : null;

    # This will regard '0', empty space as falsey.
    # Return value or null.
    else return isset($array[$key]) && !empty($array[$key]) ? trim($array[$key]) : null;
}

$array = array(
    'name'=>'Hello',
    'type'=>'{"page":"page"}'
);


# set the required array.
$items_variable = array(
    'name',
    'type'
);

# loop the array.
foreach( $items_variable as $item_variable )
{
    # set the main variables.
    $$item_variable = set_variable($array,$item_variable);
}

print_r($type);

I get this error in my live server which I don't understand it,

Fatal error: Cannot redeclare stripslashes_array() (previously declared in json.php:16) in json.php on line 16

line 16 refers to this line function stripslashes_array($array) which does not seem to have any mistake.

Any idea how to fix this?

Run
  • 54,938
  • 169
  • 450
  • 748

2 Answers2

1

Nested named functions are almost useless for exactly this reason.

You have to either move the nested function out or do an explicit function_exists check.

You can consider using an anonymous function in PHP 5.3 or above.

Matthew Flaschen
  • 278,309
  • 50
  • 514
  • 539
  • thanks. I haven't done any code with an anonymous function... not sure how to do it practically (not really understand the examples in php.net doc either...). – Run Mar 30 '12 at 00:23
  • Try the [second example](http://php.net/manual/en/functions.anonymous.php#example-161). – Matthew Flaschen Mar 30 '12 at 00:26
1

What happens is that everytime you call the function strip_magic_quotes PHP tries to declare the function stripslashes_array.

Why do you think you want to nest that function? If you really want to do it this way (which you shouldn't) you can change it to:

if (get_magic_quotes_gpc() && !function_exists('stripslashes_array')) {

Although this fixes the issue you simply shouldn't do it in the first place, because:

  • it would be better to disable (if possible) magic* for the better of mankind.
  • declaring functions in functions (although possible) should really be avoided in almost all cases.

Or you could simply just drop that inner function completely if you don't need it somewhere else and just let the code run in the outer function.

PeeHaa
  • 71,436
  • 58
  • 190
  • 262
  • can't remove it from ini php in my server... unless there are tricks to do so :-( – Run Mar 29 '12 at 23:56
  • Perhaps get other hosting? :P – PeeHaa Mar 29 '12 at 23:57
  • barely to get a hosting company does php 5.4 here in the UK unless you know any? – Run Mar 30 '12 at 00:01
  • 1
    @lauthiamkok you don't need PHP 5.4. You just need to be able to disable magic_quotes in the configuration. Are let the hosting company do it for you. There should be NO reason at all to have magic* enabled. Now that I think of it it wouldn't sirprise me if `Register globals` is also enabled in the config. – PeeHaa Mar 30 '12 at 00:04
  • Also besides the fact that you should disable it I have also provided two work-arounds for your problem (whether it is disabled or not). – PeeHaa Mar 30 '12 at 00:05
  • I will talk to them to turn it off! :-) – Run Mar 30 '12 at 00:10
  • @lauthiamkok just be cautions when doing it on a running website. E.g. are you DAMN sure all your queries are safe against attacks. e.g. SQL injection or you will make your website vulnerable everywhere you query the db. – PeeHaa Mar 30 '12 at 00:12
  • Thanks. I use PDO for all database injections, shouldn't it be safe? – Run Mar 30 '12 at 00:17
  • 1
    PDO alone doesn't make you SQL statements safer, but [prepared statements do](http://php.net/manual/en/pdo.prepared-statements.php). – PeeHaa Mar 30 '12 at 07:17
  • Yes, I prepare statements before injecting :-) Thank you very much for the advice! – Run Mar 30 '12 at 11:49