1
Wongod
How do you prevent AMS from escaping ' " with \?
  • 2005/8/9 0:06

  • Wongod

  • Just popping in

  • Posts: 1

  • Since: 2005/8/9 0


In my article posts, about half of the quotes and double quotes have a preceding \ in front of them. Does anyone know how to fix this?

2
brash
Re: How do you prevent AMS from escaping  " with \?
  • 2005/8/9 0:31

  • brash

  • Friend of XOOPS

  • Posts: 2206

  • Since: 2003/4/10


Turn of magic quotes in php.ini, or if you're using Apache you can do this in a .htaccess file.
IT Headquarters
Innovative IT Solutions

3
gestroud
Re: How do you prevent AMS from escaping  " with \?
  • 2005/8/9 1:40

  • gestroud

  • Home away from home

  • Posts: 1538

  • Since: 2004/12/22


I've asked the same question a while ago. So I guess the follow-up question is where do we find the php.ini file? Or is it something that your web host has to attend to? I've looked in every folder accessible, and can't locate the file.

4
brash
Re: How do you prevent AMS from escaping  " with \?
  • 2005/8/9 1:43

  • brash

  • Friend of XOOPS

  • Posts: 2206

  • Since: 2003/4/10


You'll need to contact your host for specifics, but what you want set is;
Quote:

magic_quotes_gpc = Off
IT Headquarters
Innovative IT Solutions

5
gestroud
Re: How do you prevent AMS from escaping  " with \?
  • 2005/8/9 1:59

  • gestroud

  • Home away from home

  • Posts: 1538

  • Since: 2004/12/22


Thank you, thank you & THANK YOU Resized Image

6
JMorris
Re: How do you prevent AMS from escaping  " with \?
  • 2005/8/9 2:08

  • JMorris

  • XOOPS is my life!

  • Posts: 2722

  • Since: 2004/4/11


I too asked this a few days ago. Is there any plans to eliminate this problem in future versions? AMS is the only Article/News module I know of that has this issue with magic quotes on.

Also, some of the more strict hosts will not allow overrides in .htaccess files, attempting your work-around generates a 500 error. This happened when I tried to create a .htaccess file with the line you suggested.

Thanks,

James
Insanity can be defined as "doing the same thing over and over and expecting different results."

Stupidity is not a crime. Therefore, you are free to go.

7
JMorris
Re: How do you prevent AMS from escaping  " with \?
  • 2005/8/9 2:22

  • JMorris

  • XOOPS is my life!

  • Posts: 2722

  • Since: 2004/4/11


I just found a very interesting article about addslashes() and how to auto detect if magic_quotes_gpc is on using a small php script. Maybe this would be a worthwhile addition to AMS to detect if magic_quotes is running on the host server. This would allow the exclusion of addslashes() on hosts that already have magic_quotes_gpc on?

Link: http://www.webmasterstop.com/63.html

Am I onto something or way off base?

Thanks,

James
Insanity can be defined as "doing the same thing over and over and expecting different results."

Stupidity is not a crime. Therefore, you are free to go.

8
brash
Re: How do you prevent AMS from escaping  " with \?
  • 2005/8/9 2:39

  • brash

  • Friend of XOOPS

  • Posts: 2206

  • Since: 2003/4/10


Thanks for the link Jmorris. I personally host all my own sites, so this isn't an issue for me. However, if someone would like to donate the updated files to correct this I'll happily release it and a few other small fixes and updates as AMS 2.42 .
IT Headquarters
Innovative IT Solutions

9
JMorris
Re: How do you prevent AMS from escaping  " with \?
  • 2005/8/9 2:48

  • JMorris

  • XOOPS is my life!

  • Posts: 2722

  • Since: 2004/4/11


I'm not a programmer, I just googled magic_quotes_gpc .htaccess 500 error apache and got that result. I'll see if I can hack my way through it. If I'm successful, I'll submit the files.

Best Regards,

James
Insanity can be defined as "doing the same thing over and over and expecting different results."

Stupidity is not a crime. Therefore, you are free to go.

10
JMorris
Re: How do you prevent AMS from escaping  " with \?
  • 2005/8/9 3:11

  • JMorris

  • XOOPS is my life!

  • Posts: 2722

  • Since: 2004/4/11


Well, I found the files and every instance of addslashes and stripslashes, and um, damn! Yup, I don't know a bit of php. I've hacked a little php here and there, but I'm not even sure where to begin with this.

The basic jest of the article is to use a function that detects whether magic_quotes_gpc is off or on. This is the example they provided:

highlight_string "
function myAddSlashes( 
$string ) {

if (get_magic_quotes_gpc()==1) {

return ( 
$string );

} else {

return ( addslashes ( 
$string ) );

}

}

?>" 
);
?>


In AMS/class/class.newstory.php, for example, there are a several different places addslashes are used. Here are a couple examples:

$sql sprintf("UPDATE %s SET title = '%s', published = 0, expired = %u, nohtml = %u, nosmiley = %u, topicid = %u, ihome = %u, topicdisplay = %u, topicalign = '%s', comments = %u, banner= '%s' WHERE storyid = %u"$this->table$title$expired$this->nohtml$this->nosmiley$this->topicid$this->ihome$this->topicdisplay$this->topicalign$this->comments$myts->addSlashes($this->banner), $this->storyid);

$hometext $myts->addSlashes($hometext);


Ok, I can put 1+1 together and get 2, and I can code HTML and CSS until the cows come home, but I haven't got a clue how to integrate the function they are describing into the current code. Would it be inline? Would I have to define a global variable?

Also, there are a lot of instances of stripslashes as well. How would I need to modify those instances to prevent errors ?

For example, in AMS/submit.php:
$fldname = (get_magic_quotes_gpc()) ? stripslashes($fldname['name']) : $fldname['name'];


To a php coder, I'm sure my questions are really stupid. Sorry if they are. If I had time to learn php on my own, I wouldn't bother asking, but I'm in a situation where time is a luxury I don't have a lot of.

Any help in getting this complete php n00b started would be GREATLY appreciated!

Thank you,

James
Insanity can be defined as "doing the same thing over and over and expecting different results."

Stupidity is not a crime. Therefore, you are free to go.

Login

Who's Online

346 user(s) are online (113 user(s) are browsing Support Forums)


Members: 0


Guests: 346


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Oct 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits