RE: Wrighting to $_POST array

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


> But, first, you need to use get_magic_quotes_gpc() to see if magic_quotes_gpc is
> turned on.  If so, you need to run stripslashes() on your variables before you
> run the mysql_real_escape_string() on them.
> 
> 
> if ( get_magic_quotes_gpc() ) {
>     $_POST = array_map('stripslashes', $_POST);
> }
> $_POST = array_map('mysql_real_escape_string', $_POST);

I would totally remove magic_quotes_gpc rather than this for each request:

if ( get_magic_quotes_gpc() ) {

    $_GET = array_map('stripslashes', $_GET);
    $_POST = array_map('stripslashes', $_POST);
    //  $_REQUEST = array_map('stripslashes', $_REQUEST);


    $_COOKIES = array_map('stripslashes', $_COOKIES);
}

there is a reason if magic_quotes has been removed by PHP defaults since ages

Regards
 		 	   		  
_________________________________________________________________
Windows Live: Make it easier for your friends to see what you’re up to on Facebook.
http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_2:092009
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux