Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

StripSlashes Bug

NickENickE New
edited October 2005 in Vanilla 1.0 Help
You guys must be sick of me doing this, but I've found yet another slight problem which only occurs on servers which aren't running PHP with magic quotes on, like mine. Admittedly, this is partly because of the function stripslashes()'s lack of precision, but at the current Vanilla autmatically calls this function without first checking to see if magic quotes are on, and thus, when magic quotes is off, subsequently removes backslashes that were supposed to be there. I'd recommend having a global variable which is set to the return of get_magic_quotes_gpc(), and checking if that global is true before calling stripslashes(), so you won't have to call that function in each execution of ForceIncomingString() and FormatHTMLStringInline().

Comments

  • MarkMark Vanilla Staff
    edited October 2005
    Okay, I haven't tested this yet, but in the dev version I have written this function in the Utility.Functions.php file:
    function Strip_Slashes($InString) {
    	return get_magic_quotes_gpc() ? stripslashes($InString) : $InString;		
    }
    I've then replaced all instances of stripslashes in the application with Strip_Slashes. I am assuming that your problem will occur in any instance of the function.

    And please don't apologize for finding bugs. I love bug-finders. Keep up the good work! :)
This discussion has been closed.