mirror of
https://github.com/sigmasternchen/php-doc-en
synced 2025-03-16 00:48:54 +00:00
Added a second example
git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@162733 c90b9560-bf6c-de11-be94-00142212c4b1
This commit is contained in:
parent
c346e06a0f
commit
ce8da4a036
1 changed files with 29 additions and 5 deletions
|
@ -1,11 +1,11 @@
|
|||
<?xml version="1.0" encoding="iso-8859-1"?>
|
||||
<!-- $Revision: 1.7 $ -->
|
||||
<!-- $Revision: 1.8 $ -->
|
||||
<!-- splitted from ./en/functions/info.xml, last change in rev 1.2 -->
|
||||
<refentry id="function.get-magic-quotes-gpc">
|
||||
<refnamediv>
|
||||
<refname>get_magic_quotes_gpc</refname>
|
||||
<refpurpose>
|
||||
Gets the current active configuration setting of magic quotes gpc
|
||||
Gets the current configuration setting of magic quotes gpc
|
||||
</refpurpose>
|
||||
</refnamediv>
|
||||
<refsect1>
|
||||
|
@ -15,7 +15,7 @@
|
|||
<void/>
|
||||
</methodsynopsis>
|
||||
<simpara>
|
||||
Returns the current active configuration setting of <link
|
||||
Returns the current configuration setting of <link
|
||||
linkend="ini.magic-quotes-gpc">magic_quotes_gpc</link> (0 for
|
||||
off, 1 for on).
|
||||
</simpara>
|
||||
|
@ -31,8 +31,8 @@
|
|||
</para>
|
||||
</note>
|
||||
<simpara>
|
||||
Keep in mind that <link linkend="ini.magic-quotes-gpc">
|
||||
magic_quotes_gpc</link> can not be set at runtime.
|
||||
Keep in mind that the setting <link linkend="ini.magic-quotes-gpc">
|
||||
magic_quotes_gpc</link> will not work at runtime. See example 2.
|
||||
</simpara>
|
||||
<para>
|
||||
<example>
|
||||
|
@ -57,6 +57,30 @@ $sql = "INSERT INTO lastnames (lastname) VALUES ('$lastname')";
|
|||
</programlisting>
|
||||
</example>
|
||||
</para>
|
||||
<para>
|
||||
In the interests of writing portable code (code that works
|
||||
in any enviroment), or, if you do not have access to change
|
||||
php.ini, you may wish to disable the effects of magic quotes
|
||||
on a per-script basis. This can be done in two ways, with a
|
||||
directive in a .htaccess file (php_value magic_quotes_gpc 0),
|
||||
or by adding the below code to the top of your scripts.
|
||||
<example>
|
||||
<title>Disabling magic quotes at runtime</title>
|
||||
<programlisting role="php">
|
||||
<![CDATA[
|
||||
<?php
|
||||
if (get_magic_quotes_gpc()) {
|
||||
$_POST = array_map('stripslashes', $_POST);
|
||||
$_GET = array_map('stripslashes', $_GET);
|
||||
$_COOKIE = array_map('stripslashes', $_COOKIE);
|
||||
}
|
||||
]]>
|
||||
</programlisting>
|
||||
</example>
|
||||
Magic-quotes was added to reduce code written by beginners from being dangerous.
|
||||
If you disable magic quotes, you must be very careful to protect yourself from
|
||||
SQL injection attacks.
|
||||
</para>
|
||||
<simpara>
|
||||
See also <function>addslashes</function>,
|
||||
<function>stripslashes</function>,
|
||||
|
|
Loading…
Reference in a new issue