|
|
Posted by Rob on 09/30/21 11:22
Tony Marston wrote:
> "SOR" <webmaster@sparesorrepair.co.uk.INVALID> wrote in message
> news:MPG.1d50d0dc1e51ae15989dcf@no-cancel.newsreader.com...
>
>><comp.lang.php , jamen , jamen@invalid>
>><42e6b289$0$156$edfadb0f@dtext02.news.tele.dk>
>><Wed, 27 Jul 2005 00:01:43 +0200>
>>
>>>>Although its i'm or i'd thats get typed into a form a slash appears
>>>>when
>>>>the typed in text is viewed later .
>>>>
>>>>Not a hard problem to fix - but why does it happen .
>>>
>>>Magic Quotes
>>>http://docs.php.net/en/security.magicquotes.html
>>>
>>
>>Thanks for that , Glad magic quotes where switched on or it probably
>>would have been the first bug report in a few days times when I make a
>>script public .
>>
>>Seem to recall a while ago some geeks on another newsgroup saying magic
>>quotes was a bad thing though .
>
>
> It can be if you write a script in an environment where it is turned on,
> then try to run it in another environment where it is turned off. Ideally
> you should write code which can detect whether it is ON or OFF and deal with
> it as appropriate, such as:
>
> if (!get_magic_quotes_gpc()) {
> $lastname = addslashes($_POST['lastname']);
> } else {
> $lastname = $_POST['lastname'];
> } // if
>
>
you could also write a couple of small functions containing the above
function prepare_input($string)
{
if (!get_magic_quotes_gpc())
{
return addslashes($string);
}
else
{
return $string;
}
}
function prepare_output($string)
{
if (!get_magic_quotes_gpc())
{
return stripslashes($string);
}
else
{
return $string;
}
}
$lastname = prepare_input($_POST['lastname']);
print(prepare_output($lastname));
Navigation:
[Reply to this message]
|