I have an access as root user to the server and it shouldn't be a problem to turn Off magic quote, but I really CANNOT do it right now because, as I said earlier, just put live our new (pretty big) web site and there is no chance to put it again "under construction" for a next couple of weekls (redo site and test it again). As far as I can see, the only "solution" is make on extra server whole thing and then, once it's finished and tested, replace the old one? Also, there is a lot of info with slashes i DB - that has to be cleaned too, right? But, as sombody mentioned earlier, the whole php development goes in that direction (like global's Off/On before) and one day I will have to do it anyway. But, at least I can "wait" for version 2.0 of the web site :). Thanks. -afan > At 8:14 PM +0200 5/24/06, afan@xxxxxxxx wrote: >>if magic_quotes_gpc is On, does it add slashes in front of quotes when >>submit through form? >>Mean, if I submit in input form (text) afan's "crazy" web, after >>echo $_POST['record']; >>I'll get afan\'s \"crazy\" web. Is this because of magic_quote_gps is On? >> >>-afan > > afan: > > You're getting the idea. Whatever is in your mysql dB should look > just like it would in print with quotes and all -- and without any > escape characters preceding them. > > So, if your records in mysql (when viewed via something like > myphpadmin) have something like this "O\'Mally", then the data is > wrong. It should be "O'Mally" and thus somewhere you, or > magic_quotes, have added slashes. > > So, backup to your original data, turn magic_quotes OFF, use > mysql_real_escape_string to prepare the data and then add that data > to your mysql. > > Upon retrieval of the data from mysql -- if -- you want to show it to > a browser, then use htmlentities. Remember mysql_real_escape_string > IN and htmlentities OUT and the world will be well. > > I don't know if you are working in the same type of environment as > me, but I fixed mine by adding a ".htacess" file to my root. The code > is simply a text file like so: > > php_value magic_quotes_gpc 0 > php_value magic_quotes_sybase 0 > php_value magic_quotes_runtime 0 > > That might work for you -- others on this list may have more detailed > information. > > In any event, IMO do everything you can to turn magic_quotes OFF > because after that, then everything will be easier and you'll never > have to worry about when, or if, you should add_lashes, strip_lashes, > and other such confusing stuff. > > hth's > > tedd > -- > ------------------------------------------------------------------------------------ > http://sperling.com http://ancientstones.com http://earthstones.com > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
