|
|
Posted by Jochem Maas on 09/30/05 20:08
Jay Blanchard wrote:
> Everyday I scratch my head.....
>
> In php.ini in the C:\WINNT it is said;
>
> ; Magic quotes for incoming GET/POST/Cookie data.
> magic_quotes_gpc = Off
>
> ; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(),
> etc.
> magic_quotes_runtime = Off
>
> In phpinfo() it is said;
>
where does it say it read the ini file from?
is there a .htaccess equivelant setting somewhere
in the ISS server [your new job in a windows shop]
turning magic_quotes_gpc on (for the given 'vhost')?
(I use apache terminology - I trust your savvy
enough to translate them to ISSspeak :-)
> magic_quotes_gpc On On
> magic_quotes_runtime Off Off
>
> [note the disparity]
>
> and get_magic_quotes_gpc() returns a 1 (for 'on')
>
> I am having a helluva time escaping single quotes for use with MSSQL because
> it throws the following error....
>
> SELECT EPC, Owner, Location, Application, Process, Product, Purchased,
> Comments FROM intranet.dbo.CustomerRelations WHERE Purchased = '1990\'\'s'
> ORDER BY EPC DESC
>
> Filter=Purchased&FilterKey=1990\'\'s <--$_SERVER['QUERY_STRING']
>
> 1 <--get_magic_quotes_gpc
>
>
> Warning: odbc_exec(): SQL error: [Microsoft][ODBC SQL Server Driver][SQL
> Server]Line 1: Incorrect syntax near '\'., SQL state 37000 in SQLExecDirect
> in E:\fubar\iamscrewed\windowsblows\index.php on line 51
> [Microsoft][ODBC SQL Server Driver][SQL Server]Line 1: Incorrect syntax near
> '\'.
>
> Slashes are being inserted during the post, but i cannot get them to go
can you so a hack with 'magic_quotes_sybase' ini setting? (turn it on)
see here: http://nl2.php.net/sybase
> away...stripslashes doesn;t work.....can anyone help me get rid of the
what exactly isn't working?
something like this does do it for you?:
/**
* array_stripslashes()
*
* stripsslashes from each value found in the given array,
* and recurses if a value is itself an array.
* this function is used to 'transform' request superglobals into
* 'form' that is consistent regardless of server settings. (magic quotes, etc)
*
* @return array()
*/
function array_stripslashes(&$array) {
if(!is_array($array));
while (list($key) = @each($array)) {
if (is_array($array[$key])) {
array_stripslashes($array[$key]);
} else {
$array[$key] = stripslashes($array[$key]);
}
}
}
/* setup the env the way we like it. */
set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
if (get_magic_quotes_gpc()) { // stripslashes if they were auto added
array_stripslashes( $_POST );
array_stripslashes( $_GET );
array_stripslashes( $_REQUEST );
array_stripslashes( $_COOKIES );
array_stripslashes( $_HTTP_POST_VARS );
array_stripslashes( $_HTTP_GET_VARS );
array_stripslashes( $_HTTP_COOKIES_VARS );
}
> slashes? Or should I just go for a nice motorcycle ride in the Hill Country?
If you have hills I'd say take an mtb. :-) I like mtb'ing - but I live
in a country
>
Navigation:
[Reply to this message]
|