Smarty Forum Index Smarty
WARNING: All discussion is moving to https://reddit.com/r/smarty, please go there! This forum will be closing soon.

$smarty.post and magic_quotes_gpc

 
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Smarty Forum Index -> General
View previous topic :: View next topic  
Author Message
Fiouz
Smarty n00b


Joined: 16 Jul 2003
Posts: 3

PostPosted: Wed Aug 20, 2003 2:38 pm    Post subject: $smarty.post and magic_quotes_gpc Reply with quote

Hello,

I'm using the latest stable release of Smarty (not the RC) and my webserver has the magic_quotes_gpc option enabled (I can't edit it).

When using $smarty.post.my_variable in textfield of input elements, texts are escaped with \ because of the magic_quotes_gpc option.

I've looked at the latests RC source and didn't see any use of get_magic_quotes_gpc() function to prevent this so I'm thinking of a bug...

How can I make $smarty.post (and maybe $smarty.get and $smarty.cookie) not being affected by magic_quotes_gpc option ? A designer can't understand why some characters become escaped when he submit a form...

Thanks for help
Back to top
View user's profile Send private message
messju
Administrator


Joined: 16 Apr 2003
Posts: 3336
Location: Oldenburg, Germany

PostPosted: Wed Aug 20, 2003 3:03 pm    Post subject: Reply with quote

if you want full control over the request-data don't use $smarty.get, $smarty.post etc, but assign your own versions of the values (maybe filtered through stripslashes) and use those.
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Fiouz
Smarty n00b


Joined: 16 Jul 2003
Posts: 3

PostPosted: Wed Aug 20, 2003 5:49 pm    Post subject: Reply with quote

Ok, I'll do this...

That was what I didn't want to but if there is no other solution...

So finally $smarty.post, $smarty.get, $smarty.cookie are bad Smarty implementation because a designer can't ensure it will display things like they should be.

Thanks for your answer.
Back to top
View user's profile Send private message
boots
Administrator


Joined: 16 Apr 2003
Posts: 5611
Location: Toronto, Canada

PostPosted: Wed Aug 20, 2003 6:03 pm    Post subject: Reply with quote

Note: if using Apache, you can set the magic_quotes_gpc in the .htaccess file.

see: http://php.net/function.ini-set

You can also create a modifier to unquote your vars in template:

{$smarty.get.myvar|unquote}

But I defer to messju here as I don't think that the request vars should be automatically made available to the template anyhow.
Back to top
View user's profile Send private message
messju
Administrator


Joined: 16 Apr 2003
Posts: 3336
Location: Oldenburg, Germany

PostPosted: Wed Aug 20, 2003 6:26 pm    Post subject: Reply with quote

Fiouz wrote:
So finally $smarty.post, $smarty.get, $smarty.cookie are bad Smarty implementation because a designer can't ensure it will display things like they should be.


IMHO it was a bad decision to add access to the request vars in smarty in the first place. handling request input is business-logic and does not belong into the template(-engine).

but it's not the implementation that is lacking what you want. as you stated in your first post: your hosting provider doesn't provide the right settings for you and does not allow you to change it. that's bad.
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Fiouz
Smarty n00b


Joined: 16 Jul 2003
Posts: 3

PostPosted: Wed Aug 20, 2003 9:44 pm    Post subject: Reply with quote

Thanks for your advice messju and boots and sorry for the noise: I will use smarty::assign() with get_magic_quotes_gpc() and stripslashes()
Back to top
View user's profile Send private message
Display posts from previous:   
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Smarty Forum Index -> General All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group
Protected by Anti-Spam ACP