Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
GS on PHP 5.3
#1
Anyone using GS on PHP 5.3.x?

I have observed that single backslashes ("\") get stripped out from the content when I save a page. Double backslashes ("\\") are transformed into single backslashes. (If I save the page again, they disappear).

This happens with my test installs on XAMPP with PHP 5.3.2. In my live installs, however, no problem. My shared hosting provider has PHP 5.2.12

I think it may be because of magic quotes support, deprecated since PHP 5.3.
Code:
<?php echo get_magic_quotes_gpc(); ?>
returns '1' on my PHP 5.2.x, but '0' on PHP 5.3.x
Reply
#2
admin/edit.php line 58 :
Code:
$content = stripslashes($data_edit->content);

You just have to replace by :
Code:
$content = $data_edit->content;

However, I don't understand why you don't have the problem with Php < 5.3.


Hope this helps.
Reply
#3
spilarix Wrote:admin/edit.php line 58 :
Code:
$content = stripslashes($data_edit->content);

You just have to replace by :
Code:
$content = $data_edit->content;

Thank you. It works -- backslashes no longer disappear when saving a page. But backslashes still disappear on the public page. To fix this you must also change
admin/inc/theme_functions.php, line 19:
Code:
$content = stripslashes(htmlspecialchars_decode($content, ENT_QUOTES));
replace by:
Code:
$content = htmlspecialchars_decode($content, ENT_QUOTES);

(Note: I've edited the previous paragraph, the bold phrase replaces what I said: "But the public page now displays double backslashes :-)", oops.)


However I think I have found a better solution. Instead of those two changes, just edit admin/changedata.php, line 97:
Code:
if(isset($_POST['post-content'])) { $content = htmlentities($_POST['post-content'], ENT_QUOTES, 'UTF-8'); }
change to:
Code:
if(isset($_POST['post-content'])) { $content = addslashes(htmlentities($_POST['post-content'], ENT_QUOTES, 'UTF-8')); }

A better fix: To make it work with both magic quotes disabled and enabled, same line could be replaced by:
Code:
if(isset($_POST['post-content'])) {
    $content = htmlentities($_POST['post-content'], ENT_QUOTES, 'UTF-8');
    if (get_magic_quotes_gpc()==0) { $content = addslashes($content); }
}

I'm not totally sure, but that (or something like that) could be the fix for this issue.
(I have tested on localhost/PHP 5.3.2 with magic quotes off, and on my shared hosting/PHP 5.2.12 with magic quotes on)

spilarix Wrote:However, I don't understand why you don't have the problem with Php < 5.3.

As I said, it seems it's because of magic quotes, which are usually -I believe- enabled by default on PHP < 5.3
Reply
#4
On my last comment about editing admin/changedata.php, line 97... It might be faster (though longer code):

Code:
if(isset($_POST['post-content'])) {
    if (get_magic_quotes_gpc()==0) {
        $content = addslashes(htmlentities($_POST['post-content'], ENT_QUOTES, 'UTF-8'));
    } else {
        $content = htmlentities($_POST['post-content'], ENT_QUOTES, 'UTF-8');
    }
}
Reply
#5
This would also have to be added to the inc/theme_functions.php as well, right? Have you seen any problems with this code yet?

Carlos Wrote:On my last comment about editing admin/changedata.php, line 97... It might be faster (though longer code):

Code:
if(isset($_POST['post-content'])) {
    if (get_magic_quotes_gpc()==0) {
        $content = addslashes(htmlentities($_POST['post-content'], ENT_QUOTES, 'UTF-8'));
    } else {
        $content = htmlentities($_POST['post-content'], ENT_QUOTES, 'UTF-8');
    }
}
- Chris
Thanks for using GetSimple! - Download

Please do not email me directly for help regarding GetSimple. Please post all your questions/problems in the forum!
Reply
#6
ccagle8 Wrote:This would also have to be added to the inc/theme_functions.php as well, right?

No, I think only admin/changedata.php (line 97) should be changed.

With this small fix we are adding extra slashes to $_POST content, as if magic quotes were enabled.

In inc/theme_functions.php (line 19), get_page_content() strips those extra slashes -- no change is needed.

ccagle8 Wrote:Have you seen any problems with this code yet?

Sorry?
Reply
#7
Doing some tests...

I've enabled magic quotes (for GET/POST/Cookies) on my XAMPP localhost test server, which had them disabled (default in PHP 5.3, because they're deprecated), by adding this line in .htaccess:
Code:
php_flag magic_quotes_gpc On
Tested GS 2.01 without patches: No problem with backslashes.

I 'd have liked to do another test: disabling magic_quotes_gpc in my hosting provider, which uses PHP 5.2... but it doesn't let me (or haven't found how to do it).
Reply




Users browsing this thread: 1 Guest(s)