Hi Dave, Monday, June 4, 2007, 3:25:25 PM, you wrote: >> No, you should check the ini setting in your code and react accordingly. >> > Sorry, I don't quite follow you here. If I turn magic quotes off on both > my testing environment and my server, as is "preferable" according to > the manual, then my ini file will conform to that. > But I don't see how that relates to the portability of the code. As much > as possible, I'd like to have others be able to run my scripts with > minimum hassle. > If I make my development environment and my own web hosting server > conform to the "preferable" set up, but most servers default to having > magic quotes on, then won't my code break on most people's servers? In your code you check to see if magic quotes is enabled or not: http://uk2.php.net/manual/en/function.get-magic-quotes-runtime.php http://uk2.php.net/manual/en/function.get-magic-quotes-gpc.php You can check if magic quotes is on, and if so you can strip the incoming data accordingly. You cannot disable GPC quoting unless you have access to set php values (ini file, htaccess, etc), but you *can* disable runtime quoting (which is what happens when data is fetched from a database). On the basis that you can't disable GPC quoting you only need to know what state the data you receive will be in, and treat it accordingly. Cheers, Rich -- Zend Certified Engineer http://www.corephp.co.uk "Never trust a computer you can't throw out of a window" -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
