>I haven't got down to business on "magic quotes" but this is a beggining of my expose'. First I make a form that submits to itself. Lets call it "escape.php" and the contents would be.
<form action='escape.php' method='POST' name='escapeform'> Input Code: <textarea name='escapeme' rows='5' cols='55'><? echo $oldtext; ?></textarea> Output Code: <textarea name='escaped' rows='5' cols='55'><? echo $newtext; ?></textarea> <input type='submit'/> </form>
Now we have a self submitting php form so I put my php code in the head and it looks like this:
<? $oldtext = stripslashes($_POST['escapeme']); $newtext = str_replace('&','&',htmlspecialchars($oldtext)); ?>
And voila, you click submit and you get escape strings back. you can view it here. Notice the three PHP functions I use. "stripslashes()" gets rid of '\' on your quotes and "htmlspecialchars()" of course escapes all of your special characters, while the "str_replace()" finishes the job so that the "&" doesn't make your escape strings display as the value you need. Another page that does this with some more features is here:
and I used this page for reference.