Ok, I'm looking at a function whose purpose is to "prepare" the
contents (usually input by a user) of a variable to be inserted into a
MySQL database. It's pretty simple, really; just check to see if
magic_quotes_* is on and then addslashes() if it's not.
What I'm having trouble wrapping my head around is the difference
between magic_quotes_gpc and magic_quotes_runtime.
The function I'm looking at calls get_magic_quotes_runtime() to decide
whether or not to apply addslashes() to the data, but I can't help but
think that it should be calling get_magic_quotes_gpc() instead,
considering the data is coming from *outside* and going *into* the
database...
Am I misunderstanding something here, or did someone do a no-no with
that function?
- Ryan