[nycphp-talk] Bug in PHundamentals function?
Dan Cech
dcech at phpwerx.net
Mon Oct 3 17:09:17 EDT 2005
Aaron,
As it happens I wrote the line in question, so I'll try and explain
what's going on ;)
I think that you're confused about the effect of the magic_quotes_sybase
php.ini directive.
Say you had the string:
I'm heading out on the road
With magic_quotes_gpc=On and magic_quotes_sybase=Off, the string coming
in would look like:
I\'m heading out on the road
With magic_quotes_gpc and magic_quotes_sybase both On, the string coming
in would look like:
I''m heading out on the road
So, in php/english the idea of that line is:
if (magic_quotes_sybase = On) {
// replace '' with '
return str_replace ('\'\'', '\'', $var)
} else {
// use regular stripslashes
return stripslashes ($var)
}
You could also write the line as:
return $sybase ? str_replace ("''", "'", $var) : stripslashes ($var);
to have the same effect, but I tend to prefer using single-quoted
strings unless I'm actually embedding \n line breaks or variables, so I
went with the single-quotes-and-slashes encoding.
Dan
Aaron Fischer wrote:
> I've been thinking of implementing the PHundamentals function for fixing
> magic quotes when on a shared server:
> (http://www.nyphp.org/phundamentals/storingretrieving.php)
>
> The line in question:
> return $sybase ? str_replace ('\'\'', '\'', $var) : stripslashes ($var);
>
> I broke the str_replace and stripslashes out into separate code to test
> and make sure I understand what was going on.
>
> When testing, the str_replace wasn't working as is with the search and
> replace string surrounded by single quotes. After checking the php
> manual , I changed the search and replace text to be surrounded by
> double quotes and it worked correctly.
>
> Should the PHundamentals function be changed to have double quotes?
>
> Here's the code I used to test:
>
> // test sybase str_replace with single quotes - doesn't appear to
> produce desired result
> echo '<br /><br />';
> $sb_string = "I\'\'m heading out on the road";
> $sb_string_new = str_replace('\'\'', '\'', $sb_string);
> echo 'Sybase string is ' . $sb_string . '<br />';
> echo 'String replace produces ' . $sb_string_new . '<br />';
>
> // test sybase str_replace with double quotes - appears to produce
> desired result
> echo '<br />';
> $sb_string_new = str_replace("\'\'", "\'", $sb_string);
> echo 'Sybase string is ' . $sb_string . '<br />';
> echo 'String replace produces ' . $sb_string_new . '<br />';
>
> And the output:
> Sybase string is I\'\'m heading out on the road
> String replace produces I\'\'m heading out on the road
>
> Sybase string is I\'\'m heading out on the road
> String replace produces I\'m heading out on the road
>
> Thoughts?
>
> -Aaron
> _______________________________________________
> New York PHP Talk Mailing List
> AMP Technology
> Supporting Apache, MySQL and PHP
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.nyphp.org
More information about the talk
mailing list