RE: magic quotes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



It did work I was expecting a physical change in the form display as the
form field values are set to stripslashes values.


-----Original Message-----
From: Richard Lynch [mailto:ceo@xxxxxxxxx] 
Sent: Thursday, August 09, 2007 12:20 AM
To: k3cheese
Cc: php-general@xxxxxxxxxxxxx
Subject: RE:  magic quotes

"runtime data" means "data that is coming out of your database at
runtime" as opposed to "gpc data" which means "data from
GET/POST/COOKIE"

It most certainly does NOT mean that you can't modify the data you
have received in any way you choose.

Can you clarify "Didn't work at all." for us?

Or, perhaps, see if what you think is happening is happening:

<?php
  echo "<pre>BEFORE:\n"; var_dump($_POST); echo "</pre>";
  if (ini_get('magic_quotes_gpc')){
    echo "ALTERING<br />\n";
    $_POST['data'] = stripslashes($_POST['data']);
    echo "<pre>AFTER:\n"; var_dump($_POST); echo "</pre>";
  }
?>

Because using stripslashes to un-do the evil effects of
magic_quotes_gpc is pretty much a no-brainer...

.htaccess might not work for a number of reasons, such as:
  You're not using Apache.
  .htaccess is turned off in your httpd.conf
  You didn't put .htaccess in the same directory as your PHP script

On Wed, August 8, 2007 11:58 pm, k3cheese wrote:
> I added the code to my script and I still ended up escaped quotes.
> if(ini_get('magic_quotes_gpc')) $_POST['data'] =
> stripslashes($_POST['data']);  Didn't work at all.  I think I read
> something
> about it not working on runtime data. Like gpc if this is correct do
> you
> have another solution?  I put this line in the .htaccess file it
> didn't work
> either: php_flag magic_quotes_gpc off... Is there anyway possible? I
> don't
> need it now but it'd be nice to know for the future dev.
>
> Kevon K. Hayes
> 815-980-3435
> RFD, IL
>
> -----Original Message-----
> From: Richard Lynch [mailto:ceo@xxxxxxxxx]
> Sent: Wednesday, August 08, 2007 11:49 PM
> To: k3cheese
> Cc: php-general@xxxxxxxxxxxxx
> Subject: RE:  magic quotes
>
> .htaccess is only meaningful for Apache.
>
> JavaScript is equally useless to Ajax for working around Magic Quotes.
>
> On Wed, August 8, 2007 7:55 am, k3cheese wrote:
>> Thanks,
>>
>> Met javascript not ajax. I had AJAX on the brain do to a project I'm
>> working
>> on. So I'm assuming there is a library of functions to use with the
>> .htaccess file?  Cause it looks like you can use UNIX and PHP to
>> edit
>> this
>> file?
>>
>> Kevon K. Hayes
>> 815-980-3435
>> RFD, IL
>>
>> -----Original Message-----
>> From: Richard Lynch [mailto:ceo@xxxxxxxxx]
>> Sent: Tuesday, August 07, 2007 11:30 PM
>> To: KVIGOR
>> Cc: php-general@xxxxxxxxxxxxx
>> Subject: Re:  magic quotes
>>
>> On Tue, July 31, 2007 9:28 am, KVIGOR wrote:
>>> If magic quotes is on and I dont have access to the php.ini.
>>>
>>> Is there any way I can strip quotes from the form field with out
>>> using
>>> AJAX?
>>
>> Best: Use .htaccess to turn magic_quotes off.
>> Okay: Use something like if (ini_get('magic_quotes_gpc')) $data =
>> stripslashes($data);
>> Worst: Ajax cannot possibly begin to address this issue and is
>> completely useless to solve this particular problem.
>>
>> --
>> Some people have a "gift" link here.
>> Know what I want?
>> I want you to buy a CD from some indie artist.
>> http://cdbaby.com/browse/from/lynch
>> Yeah, I get a buck. So?
>>
>> No virus found in this incoming message.
>> Checked by AVG Free Edition.
>> Version: 7.5.476 / Virus Database: 269.11.6/938 - Release Date:
>> 8/5/2007
>> 4:16 PM
>>
>>
>> No virus found in this outgoing message.
>> Checked by AVG Free Edition.
>> Version: 7.5.476 / Virus Database: 269.11.6/938 - Release Date:
>> 8/5/2007
>> 4:16 PM
>>
>>
>
>
> --
> Some people have a "gift" link here.
> Know what I want?
> I want you to buy a CD from some indie artist.
> http://cdbaby.com/browse/from/lynch
> Yeah, I get a buck. So?
>
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.5.476 / Virus Database: 269.11.8/941 - Release Date:
> 8/7/2007
> 4:06 PM
>
>
> No virus found in this outgoing message.
> Checked by AVG Free Edition.
> Version: 7.5.476 / Virus Database: 269.11.8/941 - Release Date:
> 8/7/2007
> 4:06 PM
>
>


-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

No virus found in this incoming message.
Checked by AVG Free Edition. 
Version: 7.5.476 / Virus Database: 269.11.8/941 - Release Date: 8/7/2007
4:06 PM
 

No virus found in this outgoing message.
Checked by AVG Free Edition. 
Version: 7.5.476 / Virus Database: 269.11.8/941 - Release Date: 8/7/2007
4:06 PM
 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux