Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


PHP Forms Breaking Links

  • Please log in to reply
4 replies to this topic

#1 NpaMA


  • Members
  • 635 posts
  • Gender:Male
  • Location:Memphis, TN
  • Local time:06:29 AM

Posted 17 September 2011 - 06:58 AM

I want a simple form where people can enter information, including HTML (this is a passworded form where only select people will have access, security of it being hijacked or injected isn't really a concern), that outputs it to a file. I have that part working, but when sending links, for whatever reason, it breaks him. For example if I enter
<a href="http://www.google.com/">Google</a>

and submit it, it breaks it into

<a href="\http://www.google.com/\">Google</a>

Which of course, sends it to site.com/\http://www.google.com/\

Any way to fix this?

It's a simple form, and ill include it here:

Main Page

<form action="add.php" method="post">
<input type="text" name="name" /><br />
Message: <textarea name="content"></textarea>
 <input type="submit" />



$fh = fopen("somefile.php", "w+");
	die("Fatal Error");
$stringData = "Name: {$_POST['name']} <br /><br /> {$_POST['content']}";
fwrite($fh, $stringData);


Any idea how to fix the broken links?

Edited by NpaMA, 17 September 2011 - 06:59 AM.

BC AdBot (Login to Remove)


#2 NpaMA

  • Topic Starter

  • Members
  • 635 posts
  • Gender:Male
  • Location:Memphis, TN
  • Local time:06:29 AM

Posted 17 September 2011 - 07:24 AM

Got it, you just need to add the following to your php.ini:

magic_quotes_gpc = Off

But warning to everyone that tries it: It will mess up some databases (the reason PHP puts \ before " and ').

For me, that isn't an issue.

#3 ChelseaWoolf


  • Members
  • 58 posts
  • Local time:02:29 AM

Posted 15 December 2013 - 12:05 AM

Yep - it is \n.

#4 Guest_philsmith_dot_com_*


  • Guests

Posted 20 January 2014 - 02:22 PM

Safer to add stripcslashes:


$name = stripcslashes($POST['name']);

$content = stripcslashes($POST['content']);

$stringData = "Name: {$name} <br /><br /> {$content}";


That is, if the url you posted was correct. I see <a href="\http://www.google.com/\">Google</a> which stripcslashes wouldn't help. It would fix <a href=\"http://www.google.com/\">Google</a>

#5 SusanWhite


  • Banned Spammer
  • 11 posts
  • Gender:Female

Posted 24 January 2014 - 11:52 AM

I would not suggest to off the magic quotes because it will make your website vulnerable. You should use urlencode or rawurlencode.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users