magic_quotes
Simon Hildrew
simon at ury.york.ac.uk
Wed Nov 14 18:41:54 PST 2001
Hi all,
We are currently using horde and imp to serve webmail on our server,
although we are using it with magic_quotes_gpc = on due to the fact that all
the other databases that use the same install of PHP etc need this to
operate. Why is it so critical that this is set to off? Surely you can
just add a bit of code to ensure that the input is correct anyway? Such as
this (from the PHP website):
if (get_magic_quotes_gpc())
// Overrides GPC variables
for (reset($HTTP_GET_VARS); list($k, $v) = each($HTTP_GET_VARS); )
$$k = stripslashes($v);
for (reset($HTTP_POST_VARS); list($k, $v) = each($HTTP_POST_VARS); )
$$k = stripslashes($v);
for (reset($HTTP_COOKIE_VARS); list($k, $v) = each($HTTP_COOKIE_VARS); )
$$k = stripslashes($v);
}
That way the setting is irrelevant. Is there any reason against doing this?
If I wanted to do this myself, where abouts would I go about doing it? Is
there a single location I can place it?
Cheers,
Simon
More information about the horde
mailing list