Well, I partially agree. :-) The problem is that if one assumes that magic_quotes is on, and adds stripslashes calls as necessary in that environment, then the application will fail to work properly in environments where magic_quotes is off!
So you really have to decide what you want to support, or make a more sophisticated solution. Most important is to be consistent. I would prefer magic_quotes off. /Håkan On fre, 2006-02-17 at 10:46 -0500, Dean Jones wrote: > Hmm... Magic_quotes or not, I've always read that using stripslashes is a > good way to keep code portable and usable. I see that rouncube already uses > stripslashes on a lot of things, but neglects to use it here. In previous > versions of roundcube, this problem did not exist. Now it does. I think > that's incorrect. On all of the PHP tools I have written in the past, people > have always come back and complained that they were getting slashes on words > (where I forgot to add stripslashes). > > I always consider that you can't assume people will always have the same > environment you will and you should write code to handle circumstances that > you can handle to make things cross-platform. Adding two simple lines of > stripslashes() isn't going to clutter the code anymore than it is now. > > > > On Fri, 17 Feb 2006 16:49:40 +0100, Håkan Lindqvist <[EMAIL PROTECTED]> wrote: > > It is not silly, but I think you missed the point. > > > > I absolutely do not disagree that people are sending "broken" emails > > around (where " has been escaped to \"). > > > > My point is that with a correctly set up PHP environment and provided > > that the Roundcube code is reasonable, the slashes should NOT appear in > > the first place and thus stripslashes is not necessary. > > > > If it does appear, you should check that your PHP environment is sane > > (magic_quotes in particular should be off), otherwise something is > > broken in Roundcube, and then that should be fixed. > > > > Adding random stripslashes calls just makes a mess of things. > > > > > > /Håkan > > > > On fre, 2006-02-17 at 10:21 -0500, Dean Jones wrote: > >> Umm... That's silly. They're definitely needed. Try sending an e-mail > > and put quotes around something or use a single quote. The message ends up > > like this: > >> > >> He said \"Hi\" > >> > >> and > >> > >> Wouldn\'t you like to know. > >> > >> > >> Using stripslashes removes those uneccessary escape slashes around > > quotes. > >> > >> It's absolutely needed. > >> > >> > >> > >> On Fri, 17 Feb 2006 10:08:41 +0100, Håkan Lindqvist > > <[EMAIL PROTECTED]> wrote: > >> > I don't understand why it should be necessary to use stripslashes in > > the > >> > first place. The slashes shouldn't be there in the first place, except > >> > in SQL queries. > >> > > >> > To me it seems that stripslashes isn't what we're looking for. > >> > > >> > > >> > /Håkan > >> > > >> > On tor, 2006-02-16 at 22:47 -0500, Dean Jones wrote: > >> >> Look like someone forgot to use stripslashes on the subject and body > > of > >> > the > >> >> messages... :) > >> >> > >> >> Is there a standard for checking in patches if you have access to > > CVS? > >> > I've > >> >> fixed this, but I wanted to check and see what the procedure was for > >> > checking > >> >> in small fixes like this. > >> >> > >> >> Dean > >> >> > >> >> > >> >> > >> > > >> > > >> > >> > >> > >> > > > > > >
smime.p7s
Description: S/MIME cryptographic signature
