FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Magic quotes? Should I still be cautious?
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Magic quotes? Should I still be cautious? [message #176394 is a reply to message #176388] Fri, 30 December 2011 12:18 Go to previous messageGo to previous message
Michael Fesser is currently offline  Michael Fesser
Messages: 215
Registered: September 2010
Karma:
Senior Member
.oO(Michael Joel)

> So then my questions is, why test for magic quotes - why not just use
> addslashes/stripslashes? At worste it appears to be just reprocessing
> what has just been done for you.

Magic quotes are not secure and will be completely removed in the near
future. Even addslashes/stripslashes are not secure, because they don't
escape all necessary characters for database input.

So the general rule is: Test for magic quotes if you can't disable them,
remove them if necessary with stripslashes(), then apply the appropriate
escaping functions wherever necessary (e.g. mysql_real_escape_string()).

Micha

--
http://mfesser.de/blickwinkel
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Lilupophilupop
Next Topic: [WSP] CALL FOR PAPERS [FREE]
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Nov 28 17:22:34 GMT 2024

Total time taken to generate the page: 0.04807 seconds