Moriyoshi Koizumi wrote: > > Oops, I should have said mbstring.encoding_translation=on actually :)
Ok. Turning that on.
>>In which case I am safe :) But then again anyone who would want to try
>>an SQL injection attack might try and send some SJIS ... better safe
>>than sorry :)
>
>
> It took some minutes to sort out what you're saying here.. By the word
> "clients" I meant browsers and there I was trying to mention a case that
> some browsers that have certain settings try to send GET queries in UTF-8
> while such queries are basically supposed to be encoded in the same
> encoding as that the page is written in.
Sorry if my intentions were not clear but I am trying to protect myself from SQL injection attacks by using addslashes() to user provided information. I cannot assume anything about the incoming data (not even the encoding) since anyone trying to hack my machine by using such a technique could pretty much send whatever they wanted using a telnet session or what not ...
> Anyway, Shift_JIS is not a great choice for PHP scripting.
Tell me about it. I have the hardest time getting the people who actually make the HTML page to use EUC instead of SJIS. Of course they all use MS platforms to create the HTML content so they can't understand why SJIS causes me pain when I try and edit it in *NIX box or parse it in PHP ...
Thanks for the info!
Jc
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
