Astrid Emde (WhereGroup) schrieb:
On Thu, February 26, 2009 11:51 am, Christoph Baudson wrote:
Hello,
Mapbender is not very decisive whether to use stripslashes on request
parameters or not. We seem to indecisive if we assume magic_quotes_gpc
to be on or off (it is on by default).
I suggest we add something like this to globalSettings.php
if (get_magic_quotes_gpc() === 1) {
array_walk($_POST, 'stripslashes');
array_walk($_GET, 'stripslashes');
}
By this, all input would be properly prepared, and no stripslashing
would have to occur.
What do you think?
Christoph
Hello Christoph,
this idea sounds reasonable to me.
astrid
(I have just stumbled over this issue again, which resulted in another
wasted hour. I should have made a motion the first time around.)
I motion to add the code snippet
if (get_magic_quotes_gpc() === 1) {
array_walk($_POST, 'stripslashes');
array_walk($_GET, 'stripslashes');
}
to globalSettings.php, so it will automatically be executed in every
module. I volunteer to search for every occurence of stripslashes in
Mapbender, and remove it where appropriate.
(Maybe this is something that can be done in Bolsena.)
Please second and vote.
Christoph
_______________________________________________
Mapbender_dev mailing list
[email protected]
http://lists.osgeo.org/mailman/listinfo/mapbender_dev
--
_______________________________________
W h e r e G r o u p GmbH & Co. KG
Siemensstraße 8
53121 Bonn
Germany
Christoph Baudson
Anwendungsentwickler
Fon: +49 (0)228 / 90 90 38 - 15
Fax: +49 (0)228 / 90 90 38 - 11
[email protected]
www.wheregroup.com
Amtsgericht Bonn, HRA 6788
_______________________________________
Komplementärin:
WhereGroup Verwaltungs GmbH
vertreten durch:
Olaf Knopp, Peter Stamm
_______________________________________
_______________________________________________
Mapbender_dev mailing list
[email protected]
http://lists.osgeo.org/mailman/listinfo/mapbender_dev
