Reply to Re: always enable addslashes

Your name:

Reply:


Posted by Michael Fesser on 12/12/06 12:19

..oO(Curtis)

>If you have access to php.ini, you can set the magic_quotes_gpc
>variable to "On".

Magic quotes are dead. They will be removed in PHP 6.

>However, it would be better if you just escaped input on your own

That's the only reliable and secure way. For example addslashes() can't
know what other escaping might be necessary when inserting data into a
database. That's why functions like mysql_real_escape_string() exist.

Micha

[Back to original message]
Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация