[thelist] EMail format question.
Kelly Hallman
khallman at wrack.org
Wed Nov 12 13:54:58 CST 2003
On Wed, 12 Nov 2003, kris burford wrote:
> i'm not sure this is right. the manual at php.net suggests stripcslashes
> (!=stripslashes) where mail is concerned
>
> http://uk2.php.net/mail
> http://uk2.php.net/stripcslashes
I couldn't find where it said that. One thing that is important to note,
which does not seem to be widely understood is that most/many PHP
installations automatically run addslashes() on GET and POST input.
To reverse that, if you don't require it, you must run stripslashes().
I guess it's partly a security measure, for containing SQL injection.
As for mail, once the content is unslashed, then you can do whatever
encoding is necessary for the mailer.
// Quick-and-dirty unslashing:
$post_noslash = array_map('stripslashes',$_POST);
--
Kelly Hallman
http://wrack.org/
More information about the thelist
mailing list