PHP: how to (correctly) remove escaped quotes in a

2019-04-26 18:35发布

站内问答 / PHP
436 2 4

As you know when Magic Quotes are ON, single quotes are escaped in values and also in keys. Most solutions to remove Magic Quotes at runtime only unescape values, not keys. I'm seeking a solution that will unescape keys and values...

I found out on PHP.net this piece of code:

$process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
while (list($key, $val) = each($process))
{
    foreach ($val as $k => $v)
    {
        unset($process[$key][$k]);
        if (is_array($v))
        {
            $process[$key][stripslashes($k)] = $v;
            $process[] = &$process[$key][stripslashes($k)];
        }
        else
        {
            $process[$key][stripslashes($k)] = stripslashes($v);
        }
    }
}
unset($process);

But I don't like "&" references and arrays as I got bugs like this one in the past...

Is there a "better" way to unescape Magic Quotes (keys and values) at runtime than the one above?

2条回答
劳资没心,怎么记你
2楼-- · 2019-04-26 18:58 
array_walk_recursive($_POST, 'stripslashes');

Do the same for GET and COOKIE.

查看更多
0人赞 添加讨论(0) 举报
啃猪蹄的小仙女
3楼-- · 2019-04-26 19:10

I think this is a little cleaner and avoids reference bugs:

function unMagicQuotify($ar) {
  $fixed = array();
  foreach ($ar as $key=>$val) {
    if (is_array($val)) {
      $fixed[stripslashes($key)] = unMagicQuotify($val);
    } else {
      $fixed[stripslashes($key)] = stripslashes($val);
    }
  }
  return $fixed;
}

$process = array($_GET,$_POST,$_COOKIE,$_REQUEST);
$fixed = array();
foreach ($process as $index=>$glob) {
  $fixed[$index] = unMagicQuotify($glob);
}
list($_GET,$_POST,$_COOKIE,$_REQUEST) = $fixed;
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)