RE: Why does this work on one server, but not another?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Thu, March 23, 2006 6:42 pm, tedd wrote:
> Hi gang:
>
> Okay, another update:
>
> I tried all sorts of combinations of assorted functions as well as
> reading every source I could find. I won't bore you with the details
> -- but, this is as far as I've gotten.
>
> For storing an image into MySQL I simply used:
>
> $image_large = mysql_real_escape_string($buffer);
>
> Then for displaying the image, I use:
>
> if (get_magic_quotes_gpc())
> 	{
> 	$fileContent = stripslashes($fileContent);
> 	}

This is bass-ackwards...

What you've done is store the data with "double" addslashes() when
MagicQuotes are on, and then you "undo" one of them.

So your data actually in the database has an extra set of slashes on it.

That's not good clean data.

> Remember, both servers show "magic_quotes_gpc" as ON. The only
> difference I see between them is that "magic_quotes_runtime" is ON
> for one server and is OFF for the other -- would that make a
> difference?
>
> What say you now?

Stop confusing the hell out of yourself, and use .htaccess to turn
magic_quotes OFF and magic_quotes_runtime OFF!!!

magic_quotes ==> calls addslashes() on all data in $_POST/$_GET/$_COOKIE
magic_quotes_runtime ==> calls addslashes() on all data from SELECT

So on the server with _runtime on, you need stripslashes, because
magic_quotes_runtime is just plain stupid, unless all your PHP
application does is suck stuff out of one database and insert it in
another.

Actually, even magic_quotes is stupid, because it ends up doing the
addslashes() too soon, and addslashes() is the wrong function to call
these days anyway.

TURN MAGIC OFF!!!

After all the MAGIC settings are off, you can just use
mysql_real_escape_string()

If that does not work, report a bug, and in the short term, use
base64_encode and base64_decode on your data going in/out of the db.

For that matter, stop trying to cram your JPEGs into your database in
the first place, and you'll also be a lot less frustrated.

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux