FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » magic_quotes_gpc() on or off?
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: magic_quotes_gpc() on or off? [message #173944 is a reply to message #173939] Fri, 13 May 2011 22:44 Go to previous messageGo to previous message
Jerry Stuckle is currently offline  Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
Senior Member
On 5/13/2011 3:25 PM, Michael Fesser wrote:
> .oO(Jerry Stuckle)
>
>> On 5/11/2011 7:49 AM, Simon wrote:
>>>>
>>>> Why are you stripping slashes BEFORE storing the data?
>>>> magic_quotes_gpc() affects data RETRIEVED from the database.
>>>
>>> As per my original post, this is what the doc suggests.
>>>
>>> http://php.net/manual/en/function.mysql-real-escape-string.php
>>>
>>> "If magic_quotes_gpc is enabled, first apply stripslashes() to the data.
>>> Using this function on data which has already been escaped will escape
>>> the data twice."
>>
>> If the data has previously been escaped, yes. In your case, it has not.
>
> If magic quotes are enabled, then PHP will automatically escape his
> incoming data. So calling stripslashes() on it before doing anything
> else is the correct way to ensure you're working with the raw data.
> After that you can apply the proper escaping as necessary.
>
> Micha

True - IF the data is incoming. But there was no indication it was - in
fact, there was every indication it was not, because a properly escaped
PHP string will never contain something like 'H\hi'. '\h' is an invalid
character sequence.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Re: A question about refresh
Next Topic: Program to Submit to forms
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sat Nov 23 12:32:02 GMT 2024

Total time taken to generate the page: 0.04930 seconds