I've seen dozens of PHP snippets that go like this: function DB_Quote($string) { if (get_magic_quotes_gpc() == true) { $string = stripslashes($string); } return mysql_real_escape_string($string); } What happens if I call DB_Quote("the (\) character is cool");? (Thanks jspcal!) Aren't we supposed to strip slas...
By looking at the name of this directive one may think that magic_quotes are only applied to $_GET, $_POST and $_COOKIE superglobals but there is one perturbing comment on the PHP Manual: Please note, that when magic_quotes_gpc is set not only $_POST, $_GET, $_REQUEST, $_COOKIE arrays values are slashed. Actually every string...
Ok, so here's the issue I've run into. On some of our production systems, we have magic quotes gpc enabled. There's nothing I can do about that. So, I've built my request data handing classes to compensate: protected static function clean($var) { if (get_magic_quotes_gpc()) { if (is_array($var)) { foreach ($v...
Hi there, I have a site, locally setup. It's application development framework is Kohana. I have an error displaying the following: Unknown Error An error was detected which prevented the loading of this page. If this problem persists, please contact the website administrator. system/core/Kohana.php [98]: Function set_magic_quotes...