Welcome Guest, Not a member yet? Register   Sign In
Automatic Escaping in CI

I've tried to simplify the problem down as far as possible.

I have a simple controller with two methods. One displays a form with a single input (text) field and a submit button. The other does print_r($GLOBALS).

I have placed this controller in two different sites running in virtual hosts on the same server.

Neither site has apostrophes escaped in HTTP_POST_VARS.

Site1 has apostrophes escaped in _POST, but Site2 does not.

If I drop the whole thing out of CodeIgniter (but still inside the virtual hosts) and just make a simple 2-page form/submit application, neither HTTP_POST_VARS nor _POST is escaped with either site.

What's going on?


On a completely unrelated note, I find it quite humorous that the spell-check library doesn't have CodeIgniter.

*** EDITED ***
I've put the following at the top of the CI_Config() function in the CI_Config class ...

if($_POST) {
print_r($_POST); die();

and it is already escaped there.

You simply check get_magic_quotes_gpc() on that server.
if it return true that mean all $_POST variable will escape with backslash(\).
but if it return false then you can determine how to deal with your $_POST varibles.

get_magic_quotes_gpc() run immediately before the print_r($GLOBALS) returns 0 on both sites.

OK - I figured out what was causing the problem. I'll update the thread after I get some more details, but the issue was the following (which was included at the top of the index.php file).


So - not CIs fault - but, instead, WordPress's.

Theme © iAndrew 2016 - Forum software by © MyBB