Jump to content
xisto Community
awesomebill61

Question Regarding Magic_quotes And Addslashes()

Recommended Posts

my php configuration has magic_quotes_runtime set to offso, when i pull a string out of a mysql db, how come it shows up just fine without running it through addslashes()?when i run it through addslashes(), it adds slashes where its supposed to.... but when i don't use it it shows up just finei am curious as to why i dont have to run addslashes() to make my text show up rightcan anyone answer my question?

Share this post


Link to post
Share on other sites

Magic_quotes function adds slashes to strings going to a Database. If it is set 'off', then the Database does not contain the escapes "\", so they won't be there when you return the data.

Magic_quotes is deprecated in php6.

 

http://forums.xisto.com/no_longer_exists/

Share this post


Link to post
Share on other sites

Whenever you pull something out of your database that has slashes added to it, always strip the slashes using the stripslashes() function. It is better for you to add slashes to any input that's going into the database for security reasons. But it's better to use the mysql_real_escape_string() function than addslashes().

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.