Longhorn PHP 2019 Schedule

上海十一选五走势图:Magic Quotes

Table of Contents

Warning

湖北十一选五官网 www.na503.cn This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 5.4.0.

Magic Quotes is a process that automagically escapes incoming data to the PHP script. It's preferred to code with magic quotes off and to instead escape the data at runtime, as needed.

add a note add a note

User Contributed Notes 1 note

up
32
cHao
7 years ago
The very reason magic quotes are deprecated is that a one-size-fits-all approach to escaping/quoting is wrongheaded and downright dangerous.  Different types of content have different special chars and different ways of escaping them, and what works in one tends to have side effects elsewhere.  Any sample code, here or anywhere else, that pretends to work like magic quotes --or does a similar conversion for HTML, SQL, or anything else for that matter -- is similarly wrongheaded and similarly dangerous.

Magic quotes are not for security.  They never have been.  It's a convenience thing -- they exist so a PHP noob can fumble along and eventually write some mysql queries that kinda work, without having to learn about escaping/quoting data properly.  They prevent a few accidental syntax errors, as is their job.  But they won't stop a malicious and semi-knowledgeable attacker from trashing the PHP noob's database.  And that poor noob may never even know how or why his database is now gone, because magic quotes (or his spiffy "i'm gonna escape everything" function) gave him a false sense of security.  He never had to learn how to really handle untrusted input.

Data should be escaped where you need it escaped, and for the domain in which it will be used.  (mysql_real_escape_string -- NOT addslashes! -- for MySQL (and that's only unless you have a clue and use prepared statements), htmlentities or htmlspecialchars for HTML, etc.)  Anything else is doomed to failure.
To Top
  • 股票买卖中不可忽略的大宗交易数据(上) 2019-02-19
  • "央企暖男"与108名抗战老兵:向他们致以年轻一代的敬意 2019-02-19
  • 学生补课累到不行 网友:节假日都不休息 2019-02-19
  • 世界杯期间夜猫子吃什么好 这是有讲究的 2019-02-19
  • 一切腐败分子和一切为钱的各种违法犯罪高发:1、不是来自从无偿占有一个鸡蛋私心开始,而是从私有制社会存开始,因为占有他人一个鸡蛋的私有观念欲望,是从社会存在产生派 2019-02-18
  • 推进58个重点项目 杭州加快钱塘江金融港湾建设 2019-02-18
  • 高清:C罗帽子戏法科斯塔梅开二度 葡萄牙3 2019-02-18
  • 美国再挑贸易战,中方强力回击,全球市场跌声一片 2019-02-17
  • 内政部长威胁“单飞”,联盟党闹分裂,默克尔或下台? 2019-02-17
  • 看来“无名小卒也”这样的网民在公有制企业里有一大批,那么公有制企业一定会发展的快,搞的好,呵呵。 2019-02-17
  • 视频:太原蒙山景区举办首届蒙山春节庙会 2019-02-16
  • 习近平会见美国国务卿蓬佩奥 2019-02-16
  • [酷]中国天翻地复的变化确实惊人 2019-02-15
  • 王烜:当心单边主义在全球圈粉 2019-02-15
  • 端午假期虎门大桥最易拥堵 2019-02-15
  • 50| 707| 855| 893| 864| 446| 561| 756| 900| 914|