开发者

Prepared statement puts \ before '

Im using prepared statements to descramble BBcode but for some reason it puts \ before ' when posting. I dont know what causes it, but Im sure it开发者_运维问答 happens when i change the BBcode to html to be put in the database, the code looks like this:

$text = $membership->remove_HTML($text);


    //convert line breaks to <br /> tags.
      $text = nl2br($text);

      //cleans up by removing white space.
      $text = trim($text);

      //now lets replace things BASIC EDITOR
      $text = preg_replace("/\[b\](.*)\[\/b\]/", "<strong>\\1</strong>", $text);
      $text = preg_replace("/\[i\](.*)\[\/i\]/", "<em>\\1</em>", $text);
      $text = preg_replace("/\[u\](.*)\[\/u\]/", "<span style='text-decoration:underline;'>\\1</span>", $text);
      $text = preg_replace("/\[s\](.*)\[\/s\]/", "<del>\\1</del>", $text);

      $text = preg_replace("/\[url\](.*)\[\/url\]/", "<a target='_blank' href='\\1'>\\1</a>", $text);
      $text = preg_replace("/\[url=(.*)\](.*)\[\/url\]/", "<a target='_blank' rel='\\1' href='\\1'>\\2</a>", $text);

      //now lets replace MORE things EXPANDED EDITOR
      $text = preg_replace("/\[img\](.*)\[\/img\]/", "<img>\\1</img>", $text);
      $text = str_ireplace("[hr]","<hr>", $text);
      $text = preg_replace("/\[justify\](.*)\[\/justify\]/", "<p style='text-align:justify;'>\\1</p>", $text);
      $text = preg_replace("/\[center\](.*)\[\/center\]/", "<p style='text-align:center;'>\\1</p>", $text);
      $text = preg_replace("/\[left\](.*)\[\/left\]/", "<p style='text-align:left;'>\\1</p>", $text);
      $text = preg_replace("/\[right\](.*)\[\/right\]/", "<p style='text-align:right;'>\\1</p>", $text);
      $text = preg_replace("/\[h1\](.*)\[\/h1\]/", "<h4>\\1</h4>", $text);
      $text = preg_replace("/\[h2\](.*)\[\/h2\]/", "<h5>\\1</h5>", $text);
      $text = preg_replace("/\[h3\](.*)\[\/h3\]/", "<h6>\\1</h6>", $text);

      $updatenews = $mysql->add_news($_SESSION['user'][0], $headline, $text, $time);


The quickest thing to check is making sure PHP's Magic Quotes are disabled.

If you don't want to get right into mucking around with your PHP configuration, then check to see if the slashes are present before you roll $text through that series of preg_replaces().

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜