Re: pdo ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Every pro has this feature (magic_quotes_gpc) turned off. If you understand SQL Injection vulnerabilities, and properly bind things into your queries, I would recommend disabling it.


On 01/24/2013 08:55 AM, Jim Giner wrote:
ok - new to using pdo functions, but I thought I had a handle on it.

I'm writing out to my page an input tag with the following value in it:


I can confirm it by using my browser's "view source" to see that is exactly how it exists in the page.

When I hit a submit button and my script retrieves the 'post' vars my debugging steps are showing that the var $_POST['team'] contains the above value with a backslash (\) already inserted. This is causing me a problem when I then try to use pdo->quote to safely encode it for updating my sql database.

My question is - why does the POST var show the \ char before I execute the 'quote' function?

PHP Database Mailing List (
To unsubscribe, visit:

[Index of Archives]     [PHP Home]     [PHP Users]     [Postgresql Discussion]     [Kernel Newbies]     [Postgresql]     [Yosemite News]

  Powered by Linux