mirror of
https://github.com/sigmasternchen/php-doc-en
synced 2025-03-15 16:38:54 +00:00
Basic information, much more to come later
git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@168129 c90b9560-bf6c-de11-be94-00142212c4b1
This commit is contained in:
Aidan Lister
parent
49cbe807b0
commit
44a97cb5cf
1 changed files with 67 additions and 0 deletions
67
security/magicquotes.xml
Normal file
67
security/magicquotes.xml
Normal file
|
|
@ -0,0 +1,67 @@
|
|||
<?xml version="1.0" encoding="iso-8859-1"?>
|
||||
<!-- $Revision: 1.1 $ -->
|
||||
<chapter id="security.magicquotes">
|
||||
<title>Magic Quotes</title>
|
||||
<para>
|
||||
Magic-quotes was added to reduce code written by beginners from being dangerous.
|
||||
If you disable magic quotes, you must be very careful to protect yourself from
|
||||
SQL injection attacks.
|
||||
</para>
|
||||
|
||||
<sect1 id="security.magicquotes.disabling">
|
||||
<title>Disabling Magic Quotes</title>
|
||||
<para>
|
||||
In the interests of writing portable code (code that works
|
||||
in any environment), or, if you do not have access to change
|
||||
php.ini, you may wish to disable the effects of magic quotes
|
||||
on a per-script basis. This can be done several different ways.
|
||||
</para>
|
||||
<para>
|
||||
<example>
|
||||
<title>Disabling magic quotes at runtime</title>
|
||||
<programlisting role="php">
|
||||
<![CDATA[
|
||||
<?php
|
||||
if (get_magic_quotes_gpc()) {
|
||||
function stripslashes_deep($value)
|
||||
{
|
||||
$value = is_array($value) ?
|
||||
array_map('stripslashes_deep', $value) :
|
||||
stripslashes($value);
|
||||
|
||||
return $value;
|
||||
}
|
||||
|
||||
$_POST = array_map('stripslashes_deep', $_POST);
|
||||
$_GET = array_map('stripslashes_deep', $_GET);
|
||||
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
|
||||
}
|
||||
?>
|
||||
]]>
|
||||
</programlisting>
|
||||
</example>
|
||||
</para>
|
||||
</sect1>
|
||||
|
||||
</chapter>
|
||||
|
||||
<!-- Keep this comment at the end of the file
|
||||
Local variables:
|
||||
mode: sgml
|
||||
sgml-omittag:t
|
||||
sgml-shorttag:t
|
||||
sgml-minimize-attributes:nil
|
||||
sgml-always-quote-attributes:t
|
||||
sgml-indent-step:1
|
||||
sgml-indent-data:t
|
||||
indent-tabs-mode:nil
|
||||
sgml-parent-document:nil
|
||||
sgml-default-dtd-file:"../../manual.ced"
|
||||
sgml-exposed-tags:nil
|
||||
sgml-local-catalogs:nil
|
||||
sgml-local-ecat-files:nil
|
||||
End:
|
||||
vim600: syn=xml fen fdm=syntax fdl=2 si
|
||||
vim: et tw=78 syn=sgml
|
||||
vi: ts=1 sw=1
|
||||
-->
|
||||
Loading…
Reference in a new issue