I use a similar form on a regular basis and have just become aware that whenever a single OR double quotation mark is inputted into the form the output to myself (through email) displays the quotation mark as the ASCII code so \' with a backslash ive looked around and dipped into unique character encodings specialentities but cant seem to find anything that will help output it as a normal quotation mark.
it is magic_quotes_gpc long-time deprecated ancient PHP setting.
ReplyDeletejust turn it off
What version of PHP are you using? It sounds like you may have magic quotes enabled, a deprecated "feature" that automatically adds backslashes to quotes in $_GET and $_POST. It is considered bad practice nowadays to use it, so you should make sure it's disabled. See this page for how to check if it's enabled and disable it.
ReplyDeleteIn general, if you have a string with escaped quotes, you can use stripslashes to get rid of them.
$str = "\'hello\'";
echo $str . "\n";
//\'hello\'
echo stripslashes($str) . "\n";
//hello
It is an old security feature from PHP called "Magic Quotes". All Quotes from GET- and POST varables are escaped with the backslash.
ReplyDeleteYou can disable it by changing the value of magic_quotes_gpc to off in your servers php.ini or manually sanitize the strings using stripslashes($string).