| Author |
Message |
LostGhost
New Member
Joined: Mar 29, 2004
Posts: 5
|
 Posted:
Mon Mar 29, 2004 2:05 pm |
 
|
Every time someone uses an apostrophe when posting a news story / review / etc, nuke appears to be inserting a \.
So (for example) if they were to submit the word don't, it would be changed to don\'t
Please help as this is driving me mad.
As this is happening everywhere that someone can submit to the site I assume this is being caused by one of the core pages. |
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16987
Location: Kansas
|
| Posted:
Mon Mar 29, 2004 2:25 pm |
|
That is a security precaution. addslashes() is the function and prevents XSS attacks. The data should be stored in the database but the stripped out with stripslashes() before being displayed. Are you saying that it is actually displaying the \' in your news article? If so, this is not the behavior of the native News module. have you applied any code changes to your News module? |
|
|
  
|
|
LostGhost
New Member
Joined: Mar 29, 2004
Posts: 5
|
| Posted:
Mon Mar 29, 2004 2:45 pm |
|
Thats exactly what I'm saying, and I haven't made any changes to the native News module (though I have edited some of the others).
However, this problem isn't confined to News.
It happens in every module people can submit (i.e. reviews, comments in Coppermine, etc.).
Thats why I presumed there was something missing from one of the core files. Does the stripslash appear in something like mainfile.php ? |
Last edited by LostGhost on Mon Mar 29, 2004 3:07 pm; edited 1 time in total |
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16987
Location: Kansas
|
| Posted:
Mon Mar 29, 2004 2:54 pm |
|
Just for curiosity, run phpinfo() and check this setting:
magic_quotes_gpc
Is it set to On or Off? |
|
|
|
|
|
LostGhost
New Member
Joined: Mar 29, 2004
Posts: 5
|
| Posted:
Mon Mar 29, 2004 3:08 pm |
|
magic_quotes_gpc On
magic_quotes_runtime Off
magic_quotes_sybase Off |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16987
Location: Kansas
|
| Posted:
Mon Mar 29, 2004 3:12 pm |
|
If you have not made any changes at all, then I would suggest reuploading all files, as a first step. What version of nuke and MySQL are you using? |
|
|
|
|
|
LostGhost
New Member
Joined: Mar 29, 2004
Posts: 5
|
| Posted:
Mon Mar 29, 2004 3:23 pm |
|
As per title, it is Nuke 7.0
I downloaded it from the club when it first became available, although I only started noticing the / problem after installing Coppermine (but it could have been there before).
I have been applying security patches and fixes as they became available, so I am rather loath to over-write everything by uploading the files. Would I be better off upgrading to 7.1 or 7.2?
It is running on MySQL 4.0.18-standard |
|
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 16987
Location: Kansas
|
| Posted:
Mon Mar 29, 2004 3:26 pm |
|
7.2 for sure. Coppermine is wrecking some havoc right now on many sites so I would be suspicious .... |
|
|
|
|
|
LostGhost
New Member
Joined: Mar 29, 2004
Posts: 5
|
| Posted:
Mon Mar 29, 2004 4:05 pm |
|
OK I'll get 7.2 Final and try updating to that.
I'll let you know how I get on.
Thanks for your help. |
|
|
|
|
|
|
|
|
|
![[Valid RSS]](http://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
:: 
::