Welcome to Geeklog, Anonymous Thursday, March 28 2024 @ 02:19 pm EDT

Geeklog Forums

Static pages removing slashes on save.


Jay

Anonymous
I'm trying to use the userlogin4root static page. Problem is, everytime I hit save, it removes all the slashes from the code.

Example.

I put this in
Text Formatted Code

        . "<form action=\"{$_CONF['site_url']}/staticpages/index.php?page=userlogin4root\" method=\"post\">"
        . "Username: <input type=\"text\" name=\"username\" value=\"\"> "
        . "<input type=\"submit\">";
 


And when I hit save, it converts all that to this
Text Formatted Code

        . "<form action="{$_CONF['site_url']}/staticpages/index.php?page=userlogin4root" method="post">"
        . "Username: <input type="text" name="username" value=""> "
        . "<input type="submit">";
 


which, in turn, makes the static page blank.

Refer to this thread for more examples and everything I've done so far. I'm not sure if this is a glitch in geeklog, a setting, or something on my server(?).

Any information is appreciated. Thanks
 Quote

Jay

Anonymous
I just checked the table in mySQL and the slashes show up there. No clue what is going on..
 Quote

tokyoahead

Anonymous
then it seems they get removed on display instead on save.
 Quote

Jay

Anonymous
So does that mean they're still there, I just don't see them when I'm in the edit screen, or is it removing them when running the script too?
 Quote

tokyoahead

Anonymous
it seems that they are removed when you run the script, since it does not work :-)

but you can check when you run the script by looking at the page's sourcecode.

Oliver
 Quote

Jay

Anonymous
I checked the sourcecode and it's not showing anything at all. It's removing all the code it seems.
 Quote

tokyoahead

Anonymous
that soudns strange however.
If the code is correctly in the database but does not show up at all except a blak in the website, then you should check your server errorlog for details.
also a URL would help so I can take a look at the output.
 Quote

Jay

Anonymous
Error log says something about upgrading the Zend Optimizer.

I guess I should have looked there first. The URL is being PM'ed to you. The site's not launched yet, so I don't want any stray links.
 Quote

Status: offline

Jay

Forum User
Junior
Registered: 02/14/07
Posts: 16
Location:Beverly, MA
Alright, I contacted my host, and they upgraded my Zend Optimizer. The error for the static pages comes up as this in the error logs

PHP Parse error: syntax error, unexpected '{' in /my root directory/plugins/staticpages/functions.inc(841) : eval()'d code on line 14
I leave carnage in my wake.
 Quote

tokyoahead

Anonymous
Well please post here which line is the 14th in your code. Since you cut some part of the instructions I cannot know.
 Quote

Status: offline

Jay

Forum User
Junior
Registered: 02/14/07
Posts: 16
Location:Beverly, MA
Of the code in the static page, it's
Text Formatted Code
. "<form action=\"{$_CONF['site_url']}/staticpages/index.php?page=userlogin4root\" method=\"post\">"


which is the first line that uses the slashes, so I assume it's still stripping the slashes when it processes the code, which is why it's kicking up the error.

I leave carnage in my wake.
 Quote

tokyoahead

Anonymous
Yeah pretty much so. What yu can do is remove all the slashes and take the variables out with quotes and concatenate.
But its definetely not normal that you have the slashes stripped.

Did you do a blank install or an upgrade to 1.4.1? Are you sure you have the 1.4.1 version of the files? the file in question here is /public_html/staticpags/index.php
 Quote

Status: offline

Jay

Forum User
Junior
Registered: 02/14/07
Posts: 16
Location:Beverly, MA
Fresh install of 1.4.1.

I was reading about this feature of php called stripslashes. Here's a description from one of the sites

addslashes/stripslashes
These two functions tie in very closely with magic quotes. Magic quotes simply applies addslashes to user input and stripslashes removes those slashes. Again, my gripe with these functions is that there is no point! The strings that you get as a result of addslashes are still unsafe for use in any SQL query because they haven't been escaped with a database-specific escape function such as mysql_real_escape_string.

As with magic quotes, any use of these two functions is often a coding error. The one exception is if for some reason you cannot disable magic quotes using .htaccess as above, in which case you could use stripslashes on all the user input to de-mangle the user input.


So it's, what I assume, a built in feature of php that is removing the slashes automatically. I'll ask a buddy of mine who is putting the site together about it. He knows more of the inner workings than I do.
I leave carnage in my wake.
 Quote

Status: offline

Jay

Forum User
Junior
Registered: 02/14/07
Posts: 16
Location:Beverly, MA
ha, wow. Ok, so, using the logic behind stripslashes, I thought "hey, let's try doubling the slashes in the script". So I did, and everything seems to be working flawlessly now.

Thank you for all the help.

I guess if anyone else runs into this problem, there's your answer! haha.

Thanks again,
Jay
I leave carnage in my wake.
 Quote

Status: offline

n4th4n

Forum User
Chatty
Registered: 07/21/03
Posts: 49
Location:NY, USA
@Jay: This was driving me insane! Thanks for posting the above info. After moving GL to a new server (with new Apache+PHP versions) suddenly I could no longer save a staticpage with backslashes to escape quotes. Using two is a good work around for now, but I'd rather be able to just paste in my code (which is kept in version control without these extra slashes of course).

Might somebody be able to explain whats happening here? Does anyone know how to disable this behavior just on the static pages maybe?

I'm on PHP Version 5.3.2-1ubuntu4.9
with the Suhosin Patch 0.9.9.1
Apache Version Apache/2.2.14 (Ubuntu) mod_php5
 Quote

Status: offline

veronicaZora

Forum User
Newbie
Registered: 01/09/12
Posts: 3
I am new to PHP so I am giving answer as per my knowledge. I think you have any other problem in your project may be in including header files etc.. So u check everything else than only seeing code..
 Quote

All times are EDT. The time is now 02:19 pm.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content