 |
Smarty
WARNING: All discussion is moving to https://reddit.com/r/smarty, please go there! This forum will be closing soon. |
|
| View previous topic :: View next topic |
| Author |
Message |
Andi
Smarty n00b
Joined: 08 Jun 2003
Posts: 1
|
 Posted: Sun Jun 08, 2003 9:41 am Post subject: $smarty.gpc.* AND magic_quotes_gpc |
 |
|
In Forms i often write monkeyforms like:
| Code: | | <input type='text' name='foo' value='{$smarty.post.foo}' /> |
but the problem is that, if magic_quotes_gpc is on, that there are still slashes. Temporarily i solved it with an modifier "$smarty.gpc.foo|gpc" which removes the slashes if magic_quotes_gpc is on. But i think nobody ever will need slashes in html output... Will this be changed in further versions? Because it think magic_quotes_gpc is only for coding, but not for html output.
sorry for my poor english, i'm german.  |
|
| Back to top |
|
mohrt
Administrator
Joined: 16 Apr 2003
Posts: 7368
Location: Lincoln Nebraska, USA
|
| Posted: Sun Jun 08, 2003 7:44 pm Post subject: |
|
|
You're best off disabling magic quotes. IMHO magic quotes are ill-featured, it is not correct to blindly escape all get/post/cookie vars when this is only needed in certain situations. It certainly doesn't make sense when displaying the contents of these variables, you have to unescape what was unnecessarily escaped in the first place.
To answer your question, Smarty will not support automatic escapement of magic quotes. You will have to roll your own solution if you need them on. You could write a prefilter that unescapes all assigned variables, that might be cleaner than doing it directly in the template on each var.
Monte |
|
| Back to top |
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|
