473,385 Members | 1,642 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > question about magic quotes

Join Bytes to post your question to a community of 473,385 software developers and data experts.

question about magic quotes

Hi all,

I've been reading up on magic quotes but I'm still confused, seems like
all the info I can find is just regurgitating the little blurb in the
php manual. My question is this: if I turn both magic_quotes_gpc and
magic_quotes_runtime ON in php.ini, does that mean I do not need to also
use addslashes() and stripslashes() on all my GPC and MySQL data? i.e.
does magic_quotes in effect take care of addslashes() and stripslashes()
automatically? Thanks in advance.

Marcus

Jul 17 '05 #1
2 1897
Marcus wrote:
Hi all,

I've been reading up on magic quotes but I'm still confused, seems like
all the info I can find is just regurgitating the little blurb in the
php manual. My question is this: if I turn both magic_quotes_gpc and
magic_quotes_runtime ON in php.ini, does that mean I do not need to also
use addslashes() and stripslashes() on all my GPC and MySQL data? i.e.
does magic_quotes in effect take care of addslashes() and stripslashes()
automatically? Thanks in advance.

Marcus


Sorry for another post, but just to clarify on my previous post, is
there a proper configuration with any/all of the magic_quotes values so
that I can "safely" accept data and interact with my DB without using
addslashes/deleteslashes everywhere?

Also, when I look in my MySQL tables through the command prompt, if
records with single quotes do not show up as escaped by /, am I doing
something wrong? Thanks again.

Marcus

Jul 17 '05 #2
.oO(Marcus)
Sorry for another post, but just to clarify on my previous post, is
there a proper configuration with any/all of the magic_quotes values so
that I can "safely" accept data and interact with my DB without using
addslashes/deleteslashes everywhere?
I don't care about magic quotes anymore, I do the escaping on my own.
When "importing" user-submitted data I run it through something like
this to have the data in raw format:

function filter($data) {
return get_magic_quotes_gpc() ? stripslashes($data) : $data;
}

Then, when necessary, I use mysql_escape_string(), htmlspeciclchars()
etc. to escape/convert the data, dependent on what I wanna do with it.
IMHO it's more reliable to have control over the data handling instead
of relying on some "background magic", which might lead to unexpected
results.
Also, when I look in my MySQL tables through the command prompt, if
records with single quotes do not show up as escaped by /, am I doing
something wrong?


No, the escape chars are not stored in the database.

Micha
Jul 17 '05 #3
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

5
Form Script Question
by: Zapp | last post by:
Hi Can anyone tell me why my form script fails at this line <form action="$_SERVER" method="POST"> when running on my ISP which is using PHP version 4.3.2, Configure Command './configure'...
PHP
3
Question re writing to a text file
by: JackM | last post by:
I am attempting to code a small script to process the fields from a form and write it to a text file using the semi-colon as the delimiter. So far I am successful in doing that using the following:...
PHP
1
magic quotes and register globals
by: yawnmoth | last post by:
even though register globals is disabled by default, i'm currious as to how it and magic quotes interact. consider the following code: <? // assuming $_GET='"test"' and register globals enabled...
PHP
4
escaping, stripslashes and magic quotes!
by: Dave Moore | last post by:
Hi All, Can anybody point me to a FAQ or similar that describes what all this stuff is about please?. I'm interfacing with a MySQL database if that's relavent. I've read a couple of books which...
PHP
5
"complex" rollover animation question
by: Brian Angliss | last post by:
I'm relatively new to scripting in JavaScript, so I'm not too surprised I'm having difficulty scripting up an animation effect for my personal site. What I'm trying to do is the following: When...
Javascript
10
More magic quotes questions
by: Jon | last post by:
All, Yes, it's more of the famous 'what do I do about magic_quotes' questions. Anyways, here we go: I've been a PHP developer for about a year now, and have grown to detest magic_quotes for...
PHP
16
Really easy cygwin / gcc question
by: Michael | last post by:
Hi All, Why when I complile and run the following: #include "stdio.h" main(void) { printf("test test test\n"); }
C / C++
2
question about validation and sql injection
by: Sudhakar | last post by:
A) validating username in php as part of a registration form a user fills there desired username and this is stored in a mysql. there are certain conditions for the username. a) the username...
PHP
25
Question: XMLHttpRequest
by: q-rious | last post by:
Hello All, I have a question regarding XMLHttpRequest. I have the following code (as part of a much larger file): function loadXMLDoc(url) { // branch for native XMLHttpRequest object if...
Javascript
0
Wordpress or something else?
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
Content Management Systems
0
One-click Importing Excel Data into a*Database
by: ryjfgjl | last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
Microsoft Excel
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!