Hi Rasmus!

Thanks for your explanation. Unfortunately I am using a server on which I
do not have write access to php.ini. I have also been noticing that
a submitted \" is received as " when I use stripslashes() thus
stripslashes() is not a totally safe alternative. Is there a
way that I can achieve the magic_quotes_gpc effect without
modifying the php.ini file? I guess I can do a
set_magic_quotes_runtime(0); I am not sure if
this is what I need in my situation.

Thanks, and thanks for PHP!!!


On Sun, 9 Sep 2001, Rasmus Lerdorf wrote:

> > I would like to know why PHP adds slashes to the double quote,
> > single quote, and backslash characters when submitting a form.
> > In particular it would be nice if the PHP manual or some other
> > manual mentioned this but I could not find any official
> > documentation on this issue. Why does PHP add the
> > slashes in the first place? (I'm using PHP 4.0.4pl1
> > and don't know if this is just a bug or whether
> > it was meant to be this way).
> It is meant to be this way because so many scripts out there send form
> data directly to databases where these need to be escaped.  You can change
> this behaviour with the magic_quotes_gpc directive in your php.in file.
> See http://www.php.net/manual/en/configuration.php
> -Rasmus

PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to