|
Posted by Oli Filth on 03/13/06 20:02
ZeldorBlat said the following on 13/03/2006 17:50:
> _mario.lat@libero.it wrote:
>> what is userful for: set_magic_quotes_runtime ?
>> than you in advance,
>> Mario.
>
> According to the manual at <http://www.php.net/magic_quotes>, magic
> quotes are useful for:
>
> o Beginners
> o Convenience
>
Unfortunately, in reality, they're useful for neither of these:
* Magic quotes (addslashes()) don't necessarily create correct escape
sequences for a given DB, e.g. it's incorrect for MS SQL. Therefore,
it's more sensible to use a specific escape function, e.g.
mysql_real_esacpe_string() for MySQL.
* On many servers, magic_quotes settings will be off. Therefore, for
cross-server compatibility, your code will need to detect this situation
and correct for it, which completely negates any "benefits" of magic
quotes, and makes your code longer.
* There are plenty of situations where you will want data in an
unescaped form, so magic_quotes is a pain in the arse.
However, I have no idea what the point of magic_quotes_runtime is.
--
Oli
Navigation:
[Reply to this message]
|