From: Ravi Gehlot
> What are these magic quotes anyways?. What are they used for?
escaping?
I wasn't there at the time, but I gather that the general idea was to
automagically insert escape characters into data submitted from a form.
However, they used a backslash as the escape character, which is not
universally recognized across database engines. Even the SQL standard
defines an escape as a single quote character.
We used to have magic quotes enabled, and came up with the following
code to clean up the mess it caused.
// If magic quotes is on, we want to remove slashes
if (get_magic_quotes_gpc()) {
// Magic quotes is on
$response = stripslashes($_POST[$key]);
} else {
$response = $_POST[$key];
}
For future releases of PHP, this will also need a check to see if
get_magic_quotes_gpc() exists first.
Bob McConnell
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
