Backslash (\) removed

ebru · Post by **ebru** » 16 Jun 2016, 09:57

In any textfield, backslashes (for example in a Path to a local file) are removed when saving.
It seems to happen in alle types of Textfields and in comments.

Post by **support** » 16 Jun 2016, 10:24

do you use local server for windows?

ebru · Post by **ebru** » 16 Jun 2016, 13:32

Yes. Windows Server with XAMPP

Post by **support** » 16 Jun 2016, 15:20

open file includes/functions/database.php and remove next code

Code: Select all

if (function_exists('mysqli_real_escape_string')) {
    	return mysqli_real_escape_string($$link,stripslashes($string));
    } elseif (function_exists('mysqli_escape_string')) {
    	return mysqli_escape_string($$link,stripslashes($string));
    }

let me know if it helps

and note this will work for Windows Server with XAMPP only

ebru · Post by **ebru** » 22 Jun 2016, 10:18

The solution works.

Nevertheless: my programmer thinks, that it has less to do with XAMPP but with "magic_quotes" and the extensive usage of "addslahes" and "stripslashes", which - to his opinion - do not always do what they are supposed to.

He also notes, that "escaping" is not beeing used generally.
This could lead to SQL-injections.

Note: I am just forwarding, what my programmer told me and do not really understand it. If you have more questions, I will probably ask him, to contact you directly.

Post by **support** » 22 Jun 2016, 10:43

thank you, everything is clear for me:)

since XAMPP is just for local server (for personal use only) so there is no reason to worry about SQL-injections etc.

Rukovoditel Support Forum

Backslash (\) removed

Backslash (\) removed

Re: Backslash (\) removed

Re: Backslash (\) removed

Re: Backslash (\) removed

Re: Backslash (\) removed

Re: Backslash (\) removed