Stack Overflow
Stack Overflow

Questions tagged [stripslashes]

A PHP library function for un-quoting a quoted string or paraphrased stripping slashes from a string. Questions are about the workings or issues with the stripslashes function.

Un-quotes a quoted string. The function returns a string with backslashes stripped off. (\' becomes ' and so on.) Double backslashes (\) are made into a single backslash ().

Example (from PHP manual)

<?php
$str = "Is your name O\'reilly?";

// Outputs: Is your name O'reilly?
echo stripslashes($str);
?>

Links

108 questions
158
votes
9 answers

What is the simplest way to remove a trailing slash from each parameter?

What is the simplest way to remove a trailing slash from each parameter in the '$@' array, so that rsync copies the directories by name? rsync -a --exclude='*~' "$@" "$dir" The title has been changed for clarification. To understand the comments…
sid_com
  • 24,137
  • 26
  • 96
  • 187
17
votes
3 answers

PHP mysql_real_escape_string() -> stripslashes() leaving multiple slashes

I'm having issues escaping/stripping strings with PHP/MySQL - there always seems to be redundant slashes. Let's take the following string as an example: underline When adding a string to the…
teaforchris
  • 1,327
  • 1
  • 11
  • 19
14
votes
5 answers

Remove backslash \ from string using preg replace of php

I want to remove the backslash alone using php preg replace. For example: I have a string looks like $var = "This is the for \testing and i want to add the # and remove \slash alone from the given string"; How to remove the \ alone from the…
Vignesh Pichamani
  • 7,950
  • 22
  • 77
  • 115
8
votes
5 answers

Use JavaScript to stripslashes ? possible

I'm using ajax to grab a URL. The problem is the URL has slashes in it and when the JQuery load takes place afterwords it will not load the page. AJAX success bit: success: function(data) { $('#OPTcontentpanel').load(data.OPTpermalink); PHP echo…
Walrus
  • 19,801
  • 35
  • 121
  • 199
5
votes
9 answers

Confusion about mysql_real_escape_string and strip_slashes

I have users entering their name, as in: O'riley. Before I enter this data into the MySQL DB, I run mysql_real_escape_string. Problem is, when I then select this data for display and use later, it comes out as: O\'riley. Obviously, this is the…
Shackrock
  • 4,601
  • 10
  • 48
  • 74
5
votes
1 answer

Is there a reason why I need to use stripslashes for user submitted data?

What do people use stripslashes for and is it typically used in conjunction with addslashes? Why should I strip or add slashes to a string that's submitted by a user?
locoboy
  • 38,002
  • 70
  • 184
  • 260
5
votes
2 answers

PHP Security (strip_tags, htmlentities)

I'm working in a personal project and besides using prepared statements, I would like to use every input as threat. For that I made a simple function. function clean($input){ if (is_array($input)){ foreach ($input as $key => $val){ …
Tiago
  • 625
  • 5
  • 16
5
votes
3 answers

Why the HTML entities are getting displayed on iPhone/iPhone simulator even after removing them using PHP?

I'm sending a JSON encoded response to the request coming from iPhone. In few of the values some HTML entities are present. I tried using stripslashes() and html_entity_decode() on such values. In browser I'm able to get the proper JSON response…
PHPLover
  • 1
  • 51
  • 158
  • 311
3
votes
2 answers

PHP - Slashes are coming after using the stripshales for String

i am using mysqli connection. $conn = new mysqli($host, $user, $password, $database); Storing the Data in DB with below syntax $site_description = $conn->real_escape_string($_POST['site_description']); $conn->query("UPDATE `r_site_details` SET …
Snopzer
  • 1,602
  • 19
  • 31
3
votes
1 answer

What does wordpress do if magic quotes are turned off at server?

We recently upgraded to php 5.4.15, and it does not have magic quotes on as default. It was time :) But it turns out wp is adding its own slashes to POST and everything, for its internal compatibility reasons. Now in a lot of plugins, I had some…
Johan
  • 637
  • 7
  • 11
3
votes
1 answer

stripslashes security testing

I am testing how secure is to use stripslashes() I tried the following : $str = chr(0xbf) . chr(0x27); var_dump(stripslashes($str)); // string(2) " �' " Then I changed it to this : $str = $_POST['input']; // %bf%27; …
John
  • 7,500
  • 16
  • 62
  • 95
3
votes
2 answers

PDO: stripslashes when getting results

I am using PDO prepared statements so it's adding slashes when it's needed before inserting into the database. I was wondering the proper way to get the results and display it on the website without showing the slashes. Is it as easy as just using…
Draven
  • 1,467
  • 2
  • 19
  • 47
2
votes
4 answers

I use mysql_real_escape_string before SQL INSERT, but then have to apply stripslashes to my retrieved data. Is it normal?

I'm no PHP/SQL expert, and I've juste discovered that i had to apply mysql_real_escape_string to secure my SQL INSERTS. I made a function using several advice found on the net, here it is: function secure($string) { if(is_numeric($string)) {…
Baptiste
  • 323
  • 5
  • 16
2
votes
3 answers

PHP - magic quotes gpc and stripslashes question

Okay my hosting company has magic_quotes_gpc turned ON and I coded my PHP script using stripslashes() in preparation of this. But now the hosting company says its going to turn magic_quotes_gpc OFF and I was wondering what will happen now to my data…
HELP
  • 14,237
  • 22
  • 66
  • 100
2
votes
4 answers

Escaping values with apostrophes for MySQL insert

I am trying to create some SQL insert statements and a few variables have names like the following: "Aamma's Pastries" I want to escape the quote (') as I am adding the value into the MySQL database. How do I do that with PHP?
Harsha M V
  • 54,075
  • 125
  • 354
  • 529
1
2 3 4 5 6 7 8