Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PHP Forms Breaking Links


  • Please log in to reply
4 replies to this topic

#1 NpaMA

NpaMA

  • Members
  • 635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Memphis, TN
  • Local time:06:29 AM

Posted 17 September 2011 - 06:58 AM

I want a simple form where people can enter information, including HTML (this is a passworded form where only select people will have access, security of it being hijacked or injected isn't really a concern), that outputs it to a file. I have that part working, but when sending links, for whatever reason, it breaks him. For example if I enter
<a href="http://www.google.com/">Google</a>

and submit it, it breaks it into

<a href="\http://www.google.com/\">Google</a>

Which of course, sends it to site.com/\http://www.google.com/\

Any way to fix this?

It's a simple form, and ill include it here:

Main Page

<form action="add.php" method="post">
Name: 
<input type="text" name="name" /><br />
Message: <textarea name="content"></textarea>
<br>
<br>
 <input type="submit" />

add.php

<?php 

$fh = fopen("somefile.php", "w+");
if($fh==false)
	die("Fatal Error");
$stringData = "Name: {$_POST['name']} <br /><br /> {$_POST['content']}";
fwrite($fh, $stringData);

?>


Any idea how to fix the broken links?

Edited by NpaMA, 17 September 2011 - 06:59 AM.


BC AdBot (Login to Remove)

 


#2 NpaMA

NpaMA
  • Topic Starter

  • Members
  • 635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Memphis, TN
  • Local time:06:29 AM

Posted 17 September 2011 - 07:24 AM

Got it, you just need to add the following to your php.ini:

magic_quotes_gpc = Off

But warning to everyone that tries it: It will mess up some databases (the reason PHP puts \ before " and ').

For me, that isn't an issue.

#3 ChelseaWoolf

ChelseaWoolf

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:02:29 AM

Posted 15 December 2013 - 12:05 AM

Yep - it is \n.



#4 Guest_philsmith_dot_com_*

Guest_philsmith_dot_com_*

  • Guests
  • OFFLINE
  •  

Posted 20 January 2014 - 02:22 PM

Safer to add stripcslashes:

 

$name = stripcslashes($POST['name']);

$content = stripcslashes($POST['content']);

$stringData = "Name: {$name} <br /><br /> {$content}";

 

That is, if the url you posted was correct. I see <a href="\http://www.google.com/\">Google</a> which stripcslashes wouldn't help. It would fix <a href=\"http://www.google.com/\">Google</a>



#5 SusanWhite

SusanWhite

  • Banned Spammer
  • 11 posts
  • OFFLINE
  •  
  • Gender:Female

Posted 24 January 2014 - 11:52 AM

I would not suggest to off the magic quotes because it will make your website vulnerable. You should use urlencode or rawurlencode.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users