csnyder wrote:
On 8/15/07, Anthony Wlodarski <[EMAIL PROTECTED]> wrote:
So I was doing some reading on magic quotes and wrote a simple check to see
if it is on or not. On our box magic quotes are disabled (which is the way
I would prefer it, I would rather manually add my own slashes to sequences
that need it) but my shared hosting has magic quotes enabled. Now I know
the admin of the shared hosting is not going to turn off magic quotes
because not everyone that uses the services are diligent programmers.
See http://us3.php.net/manual/en/security.magicquotes.disabling.php --
you can either disable it in an .htaccess file at the web root, or you
can use get_magic_quotes_gpc() to check for it and, if on, apply
stripslashes() to input values.
Oh, doh. the C in GPC stands for cookie, so yeah you can strip it off
the cookies and request variable as well.
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php
