The following quote is from

magic_quotes_gpc boolean

Sets the magic_quotes state for GPC (Get/Post/Cookie) operations. When 
magic_quotes are on, all ' (single-quote), " (double quote), \ 
(backslash) and NUL's are escaped with a backslash automatically. If 
magic_quotes_sybase is also on, a single-quote is escaped with a 
single-quote instead of a backslash.

I was hoping someone could just clarify something for me -- exactly WHAT 
is a Get/Post/Cookie operation in this case -- is it just during the 
uploading of Get/Post/Cookie data from the user agent, or is it also 
when I am taking a $_POST variable and passing it through a 
string-altering function, etc?

I have a MySQL DB on the other side of my PHP scripts from the user, and 
am trying to decide whether or not I should stripslash() the data before 
entering it into the DB.  This would defeat the purpose, but otherwise I 
end up with columns with values like "Mike\'s Pleasure Hut" or "Jean 
D\'Arc", and this will make queries tricky in the future.

Thank you for your advice.



Erik Price
Web Developer Temp
Media Lab, H.H. Brown

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to