FUDforum: comp.lang.php » magic_quotes

Home » Imported messages » comp.lang.php » magic_quotes_gpc() on or off?

Show: Today's Messages :: Polls :: Message Navigator

Re: magic_quotes_gpc() on or off? [message #173944 is a reply to message #173939]

Fri, 13 May 2011 22:44

Jerry Stuckle
Messages: 2598
Registered: September 2010

Karma:

Senior Member

On 5/13/2011 3:25 PM, Michael Fesser wrote:
> .oO(Jerry Stuckle)
>
>> On 5/11/2011 7:49 AM, Simon wrote:
>>>>
>>>> Why are you stripping slashes BEFORE storing the data?
>>>> magic_quotes_gpc() affects data RETRIEVED from the database.
>>>
>>> As per my original post, this is what the doc suggests.
>>>
>>> http://php.net/manual/en/function.mysql-real-escape-string.php
>>>
>>> "If magic_quotes_gpc is enabled, first apply stripslashes() to the data.
>>> Using this function on data which has already been escaped will escape
>>> the data twice."
>>
>> If the data has previously been escaped, yes. In your case, it has not.
>
> If magic quotes are enabled, then PHP will automatically escape his
> incoming data. So calling stripslashes() on it before doing anything
> else is the correct way to ensure you're working with the raw data.
> After that you can apply the proper escaping as necessary.
>
> Micha

True - IF the data is incoming. But there was no indication it was - in
fact, there was every indication it was not, because a properly escaped
PHP string will never contain something like 'H\hi'. '\h' is an invalid
character sequence.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================

Report message to a moderator

[Message index]

		magic_quotes_gpc() on or off? By: Simon on Wed, 11 May 2011 07:28
		Re: magic_quotes_gpc() on or off? By: Jerry Stuckle on Wed, 11 May 2011 10:38
		Re: magic_quotes_gpc() on or off? By: Simon on Wed, 11 May 2011 11:49
		Re: magic_quotes_gpc() on or off? By: Jerry Stuckle on Wed, 11 May 2011 15:29
		Re: magic_quotes_gpc() on or off? By: Michael Fesser on Fri, 13 May 2011 19:25
		Re: magic_quotes_gpc() on or off? By: Jerry Stuckle on Fri, 13 May 2011 22:44
		Re: magic_quotes_gpc() on or off? By: alvaro.NOSPAMTHANX on Wed, 11 May 2011 10:45
		Re: magic_quotes_gpc() on or off? By: Simon on Wed, 11 May 2011 11:53
		Re: magic_quotes_gpc() on or off? By: alvaro.NOSPAMTHANX on Wed, 11 May 2011 14:13
		Re: magic_quotes_gpc() on or off? By: Simon on Wed, 11 May 2011 14:15

Previous Topic:	Re: A question about refresh
Next Topic:	Program to Submit to forms

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Thu Oct 03 03:20:32 GMT 2024

Total time taken to generate the page: 0.03971 seconds