Reply to Re: meta characters filtering

Your name:

Reply:


Posted by Kim Andrι Akerψ on 11/02/05 22:43

Pasquale wrote:

>
>
> Oli Filth wrote:
> > Don't user magic quotes, full stop. They're a stupid idea, the PHP
> > developers have realised this and are slowly trying to dissaude
> > people from using them:
> >
> > "It's preferred to code with magic quotes off and to instead escape
> > the data at runtime, as needed." (PHP manual)
> >
> > What's more, they aren't actually much good for the job they were
> > originally intended, safe query construction. If you're using MySQL
> > (you didn't mention what DB you're using, so I'm taking a guess),
> > use mysql_real_escape_string() instead.
>
> "...use mysql_real_escape_string() instead". Instead of magic quotes
> on?
>
> My site is hosted with a hosting company. How would I bypass magic
> quotes being on?

If magic quotes are switched on, this will probably help:

$string = mysql_real_escape_string(stripslashes($string));

This will strip all slashes added by magic quotes, and add slashes that
are suitable for use in MySQL queries.

--
Kim AndrΓ© AkerΓΈ
- kimandre@NOSPAMbetadome.com
(remove NOSPAM to contact me directly)

[Back to original message]
УдалСнная Ρ€Π°Π±ΠΎΡ‚Π° для программистов  •  Как Π·Π°Ρ€Π°Π±ΠΎΡ‚Π°Ρ‚ΡŒ Π½Π° Google AdSense  •  England, UK  •  ΡΡ‚Π°Ρ‚ΡŒΠΈ Π½Π° английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Π‘Π°ΠΉΡ‚ ΠΈΠ·Π³ΠΎΡ‚ΠΎΠ²Π»Π΅Π½ Π² Π‘Ρ‚ΡƒΠ΄ΠΈΠΈ Π’Π°Π»Π΅Π½Ρ‚ΠΈΠ½Π° ΠŸΠ΅Ρ‚Ρ€ΡƒΡ‡Π΅ΠΊΠ°
ΠΈΠ·Π³ΠΎΡ‚ΠΎΠ²Π»Π΅Π½ΠΈΠ΅ ΠΈ ΠΏΠΎΠ΄Π΄Π΅Ρ€ΠΆΠΊΠ° Π²Π΅Π±-сайтов, Ρ€Π°Π·Ρ€Π°Π±ΠΎΡ‚ΠΊΠ° ΠΏΡ€ΠΎΠ³Ρ€Π°ΠΌΠΌΠ½ΠΎΠ³ΠΎ обСспСчСния, поисковая оптимизация