I think this is correct:
Let's just assume for a minute that in your index.php you echo out getcwd();
Output would be / (only an example)
According to that you do the following include:
include("./classes/first.class.php");
If you were to echo getcwd() after the include in the first.class.php i
Jingle's Bells, not Jingle\'s Bells. Usually most of my $_POST data gets
written into a MySQL table to which I perform addslashes(). And on
retrieval stripslashes().
If I keep on doing that - and just start coding with magic_quotes_gpc
Off - my scripts shouldn't alter behavio
Chris schrieb:
That part is correct.
You shouldn't need to use addslashes - use mysql_real_escape_string or
mysql_escape_string depending on your (current) php version - they are
both "locale aware" and will escape things for you depending on mysql
server (re: language setup).
Then just use
Richard Lynch schrieb:
On Wed, November 29, 2006 11:55 pm, Johannes Lindenbaum wrote:
But... magic_quotes.
If my understanding is correct magic quotes will give ', " and \ (for
ASCII characters, e.g. \n) a preceding backslash to escape it. I also
see that magic_quotes_gpc() is On
Hello,
without trying to embarrass myself, but
Here the "smart quoting" function off php.net
|function quote_smart($value)
{
// Stripslashes
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}
// Quote if not a number or a numeric string
if (!is_numeric($value)) {
Eric Butera schrieb:
You almost have it. What you need to do is if magic quotes is on,
then stripslashes and apply mysql_real_escape_string. If magic quotes
is off only apply mysql_real_escape_string since php didn't escape
values for you.
Also in your mysql_real_escape_string I would sugge
Blah sorry, I saw your second example not your final code. Some
scripts I use have different database connections and because of that
it is very important to always make sure I am using the correct link
identifier.
The php best practice example checks the string to see if it is a
number. If it
Hello,
in my eyes, if you want easy and secure and easily customisable use
Apachefriends' XAMPP.
It's released for Mac, Linux (various flavours, or as source) and Win32
environments.
http://www.apachefriends.org
Hope this helps,
Regards,
Johannes
--
PHP General Mailing List (http://www.ph
Sorry, my bad - totally ignore that email.
Thought you were looking for a new LAMPP solution.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
9 matches
Mail list logo
