NYPHP.org

[nycphp-talk] Is there something wrong with this SQL query in PHP?

Gary Mort bz-gmort at beezifies.com
Wed Aug 15 09:55:55 EDT 2007


csnyder wrote:
> On 8/15/07, Anthony Wlodarski <aw at sap8.com> wrote:
>   
>> So I was doing some reading on magic quotes and wrote a simple check to see
>> if it is on or not.  On our box magic quotes are disabled (which is the way
>> I would prefer it, I would rather manually add my own slashes to sequences
>> that need it) but my shared hosting has magic quotes enabled.  Now I know
>> the admin of the shared hosting is not going to turn off magic quotes
>> because not everyone that uses the services are diligent programmers.
>>     
>
> See http://us3.php.net/manual/en/security.magicquotes.disabling.php --
> you can either disable it in an .htaccess file at the web root, or you
> can use get_magic_quotes_gpc() to check for it and, if on, apply
> stripslashes() to input values.
>
>   

Oh, doh.  The C in GPC stands for cookie, so yeah, you can strip it off 
the cookies and request variable as well.
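
The check-and-strip approach discussed above, as an added example that is not part of the original thread. undo_magic_quotes() is a hypothetical helper name, and the sample input at the end is constructed for illustration.

```php
<?php
// Added example, not code from the thread.
// undo_magic_quotes() is a hypothetical helper name.

// Recursively remove the slashes that magic_quotes_gpc added.
// Form fields such as name="tags[]" arrive as arrays, so a plain
// stripslashes() call on the top-level value is not enough.
function undo_magic_quotes($value)
{
    if (is_array($value)) {
        $clean = array();
        foreach ($value as $key => $item) {
            // Keys of submitted arrays can carry added slashes too.
            $cleanKey = is_string($key) ? stripslashes($key) : $key;
            $clean[$cleanKey] = undo_magic_quotes($item);
        }
        return $clean;
    }
    return is_string($value) ? stripslashes($value) : $value;
}

// get_magic_quotes_gpc() no longer exists in PHP 8, so test for it first.
// Run this once, before any other code reads the superglobals, so the same
// script behaves identically on hosts with the setting on and off.
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $_GET     = undo_magic_quotes($_GET);
    $_POST    = undo_magic_quotes($_POST);
    $_COOKIE  = undo_magic_quotes($_COOKIE);   // the "C" in GPC
    $_REQUEST = undo_magic_quotes($_REQUEST);
}

// Constructed sample: what a magic-quoted request looks like, and the result.
$sample = array(
    'name' => 'O\\\'Reilly',                    // literal value: O\'Reilly
    'tags' => array('a\\"b', 'plain'),          // literal value: a\"b
);
$restored = undo_magic_quotes($sample);
echo $restored['name'], "\n";                   // O'Reilly
echo $restored['tags'][0], "\n";                // a"b
```

Once the input is back to its raw form, quoting for the database is done at the point where the query is built, for example with bound parameters, not on the request data as a whole.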


