Rapide Advanced Adulte
   security magicquotes   
Resultatssecurity magicquotes   |   Contact

     Manuel PHP     

 

Table :

.Introduction
.General considerations
.Installed as CGI binary
.Installed as an Apache module
.Filesystem Security
.Database Security
.Error Reporting
.Using Register Globals
.User Submitted Data
.Magic Quotes
.Hiding PHP
.Keeping Current
 		    

  security magicquotes  


Security
PHP Manual

Magic Quotes

Table of Contents

Warning

This feature is DEPRECATED and REMOVED as of PHP 6.0.0. Relying on this feature is highly discouraged.

Magic Quotes is a process that automagically escapes incoming data to the PHP script. It's preferred to code with magic quotes off and to instead escape the data at runtime, as needed.

What are Magic Quotes

When on, all ' (single-quote), " (double quote), \ (backslash) and NULL characters are escaped with a backslash automatically. This is identical to what addslashes() does.

There are three magic quote directives:

  • magic_quotes_gpc Affects HTTP Request data (GET, POST, and COOKIE). Cannot be set at runtime, and defaults to on in PHP. See also get_magic_quotes_gpc().
  • magic_quotes_runtime If enabled, most functions that return data from an external source, including databases and text files, will have quotes escaped with a backslash. Can be set at runtime, and defaults to off in PHP. See also set_magic_quotes_runtime() and get_magic_quotes_runtime().
  • magic_quotes_sybase If enabled, a single-quote is escaped with a single-quote instead of a backslash. If on, it completely overrides magic_quotes_gpc. Having both directives enabled means only single quotes are escaped as ''. Double quotes, backslashes and NULL's will remain untouched and unescaped. See also ini_get() for retrieving its value.
Security
PHP Manual


 Back to chapter Php

  

Top
 

Add JungleKey to your Explorer
 
 

About Us | © 2007 JungleKey

   PHP 手册



iBlack | Mobile | Wiki | Add Engine
.