Posted by Oli Filth on 03/13/06 20:02

ZeldorBlat said the following on 13/03/2006 17:50:
> _mario.lat@libero.it wrote:
>> what is userful for: set_magic_quotes_runtime ?
>> than you in advance,
>> Mario.
>
> According to the manual at <http://www.php.net/magic_quotes>, magic
> quotes are useful for:
>
> o Beginners
> o Convenience
>

Unfortunately, in reality, they're useful for neither of these:

* Magic quotes (addslashes()) don't necessarily create correct escape
sequences for a given DB, e.g. it's incorrect for MS SQL. Therefore,
it's more sensible to use a specific escape function, e.g.
mysql_real_esacpe_string() for MySQL.

* On many servers, magic_quotes settings will be off. Therefore, for
cross-server compatibility, your code will need to detect this situation
and correct for it, which completely negates any "benefits" of magic
quotes, and makes your code longer.

* There are plenty of situations where you will want data in an
unescaped form, so magic_quotes is a pain in the arse.


However, I have no idea what the point of magic_quotes_runtime is.


--
Oli

• Next in forum: Re: displaying thousands and thousands of records via PHP/HTML
• Prev in forum: Re: Limiting access to a website
• Thread view: Re: what is userful for: set_magic_quotes_runtime ?

[Reply to this message]