Getting Rid of "Magic Quotes" in Cookies
Magic quoteswhich were covered and hated in the previous chapter, as wellalso apply to cookies because they are data coming from the client. So if magic_quotes is on, single and double quotes are escaped with backslash characters. To get rid of those, this code is used. A similar code was also used in the previous chapter to remove these escape characters from form data (GET and POST data).
If magic_quotes is set, stripslashes() is applied recursively to all data in $_COOKIE.
Removing "Magic Quotes" from Cookies (stripCookieSlashes.inc.php)
<?php
function stripCookieSlashes($arr) {
if (!is_array($arr)) {
return stripslashes($arr);
} else {
return array_map('stripCookieSlashes', $arr);
}
}
if (get_magic_quotes_gpc()) {
$_COOKIE = stripCookieSlashes($_COOKIE);
}
?>
This file should then be included in all PHP scripts that read cookies, using this statement:
require_once 'stripCookieSlashes.inc.php'
| 