Every time i try to update my textarea and inside the textarea I add a quote "
, after i update i get 1 \
, i update again i get 3 slashes \\\
, again 5 slashes and so on.
Tried adding in php ini the the 3 codes to disable the magic quotes but nothing:
magic_quotes_gpc = Off
magic_quotes_runtime = Off
magic_quotes_sybase = Off
Added also in the root folder and the folder where the file is located. Also tried this https://www.php.net/manual/en/security.magicquotes.disabling.php example 2 and first comment and still nothing.
This is my code:
PHP
$username=$_SESSION['username'];
$viewtopic = $_GET['viewtopic'];
if ($_POST['edit'] && strip_tags($_POST['topictext'])){
$viewtopic = $_POST['id'];
$topictext=mysql_real_escape_string(strip_tags($_POST['topictext']));
$title=mysql_real_escape_string(strip_tags($_POST['title']));
mysql_query("UPDATE topics SET topictext=".quote_smart($topictext).", title=".quote_smart($title)." WHERE id=".quote_smart($viewtopic)."");
echo "You have updated your topic!";
}
HTML
<textarea name="topictext" rows="2" cols="20" id="main_tbContent" class="TextBox" style="height:128px;width:99%;"><? echo str_replace("\\r\\n","\r\n",$rows['topictext']); ?></textarea><br />
Okay, in my code for my database entries, this is what I do. Let me start by saying that I always send via POST method to avoid browser url complications.
When I get the POST data, this is my code.
When I ask for the information back in a select query, I do not do anything special, all I do is a normal fetch_assoc or fetch_array with no functions at all. This always works for both input values and textareas.
This should be yours:
And do not forget your single quotes when passing text data as a value in mysql. I added them.
I am currently using this on my local site.
Also, please remove all instances of
mysql_real_escape_string
functions.