1

I use Zend framework with doctrine for a project , the problem is that when i insert in database a string like O'Shea it inserts O\'Shea. I guess this is because of double escaping. One when i get the post and one when i use doctrine, why when i print_r($_POST) i get values already escaped?

the syntax of doctrine query is:

$req = $this->getRequest()->getPost();
$company = Doctrine::getTable('Project_Model_Companies')->find($company_id);
$company->name = $req['name'];
$company->save();

Please help me how to avoid this double escaping, or what is the problem? Thanks.

Benjamin Cremer
  • 4,842
  • 1
  • 24
  • 30
Centurion
  • 5,169
  • 6
  • 28
  • 47

2 Answers2

6

Sounds like magic_quote_gpc is turned on.

You can check wether magic qoutes are enabled or not with get_magic_quotes_gpc

echo (get_magic_quotes_gpc()) ? 'Magic qoutes Enabled' : "Magic qoutes Disabled";

I would highly recommend Disabling Magic Quotes.

Try the following .htaccess file directive : 

php_value magic_quotes_gpc Off

Or in your php.ini

magic_quotes_gpc = Off
Benjamin Cremer
  • 4,842
  • 1
  • 24
  • 30
2

In addition to Benjamin Cremer answer:

Sometimes magic quotes can't be disabled, use this code in your index file to ensure this issue will never bother you again:

if (get_magic_quotes_gpc()) {
  function stripslashes_deep($value)
  {
    $value = is_array($value) ?
          array_map('stripslashes_deep', $value) :
          stripslashes($value);

    return $value;
  }

  $_POST = array_map('stripslashes_deep', $_POST);
  $_GET = array_map('stripslashes_deep', $_GET);
  $_COOKIE = array_map('stripslashes_deep', $_COOKIE);
  $_REQUEST = array_map('stripslashes_deep', $_REQUEST);
}
Xerkus
  • 2,695
  • 1
  • 19
  • 32