On Wed, 3 Jul 2002, Jean-Christian Imbeault wrote:
> Erik Price wrote:
>> Turn off magic_quotes and do addslashes() explicitly every time you do
>> a database insert.  Then make sure you always stripslash() data
>> returned from a database query.
>> magic_quotes is convenient for newbies, but after a while you'll find it 
>> only trips you up, as you've discovered.
> I totally agree.

Chalk me up as another magic_quotes hater. 

Unless your code is very simplistic, you'll end up with far more
stripslasheses than you would have had addslasheses. So it's a net waste
of time, and leads to all sorts of irritating data corruption bugs that
are a nuisance to track down.


PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to