Added a second example

git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@162733 c90b9560-bf6c-de11-be94-00142212c4b1
This commit is contained in:
Aidan Lister 2004-07-06 07:10:06 +00:00
parent c346e06a0f
commit ce8da4a036

View file

@ -1,11 +1,11 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.7 $ -->
<!-- $Revision: 1.8 $ -->
<!-- splitted from ./en/functions/info.xml, last change in rev 1.2 -->
<refentry id="function.get-magic-quotes-gpc">
<refnamediv>
<refname>get_magic_quotes_gpc</refname>
<refpurpose>
Gets the current active configuration setting of magic quotes gpc
Gets the current configuration setting of magic quotes gpc
</refpurpose>
</refnamediv>
<refsect1>
@ -15,7 +15,7 @@
<void/>
</methodsynopsis>
<simpara>
Returns the current active configuration setting of <link
Returns the current configuration setting of <link
linkend="ini.magic-quotes-gpc">magic_quotes_gpc</link> (0 for
off, 1 for on).
</simpara>
@ -31,8 +31,8 @@
</para>
</note>
<simpara>
Keep in mind that <link linkend="ini.magic-quotes-gpc">
magic_quotes_gpc</link> can not be set at runtime.
Keep in mind that the setting <link linkend="ini.magic-quotes-gpc">
magic_quotes_gpc</link> will not work at runtime. See example 2.
</simpara>
<para>
<example>
@ -57,6 +57,30 @@ $sql = "INSERT INTO lastnames (lastname) VALUES ('$lastname')";
</programlisting>
</example>
</para>
<para>
In the interests of writing portable code (code that works
in any enviroment), or, if you do not have access to change
php.ini, you may wish to disable the effects of magic quotes
on a per-script basis. This can be done in two ways, with a
directive in a .htaccess file (php_value magic_quotes_gpc 0),
or by adding the below code to the top of your scripts.
<example>
<title>Disabling magic quotes at runtime</title>
<programlisting role="php">
<![CDATA[
<?php
if (get_magic_quotes_gpc()) {
$_POST = array_map('stripslashes', $_POST);
$_GET = array_map('stripslashes', $_GET);
$_COOKIE = array_map('stripslashes', $_COOKIE);
}
]]>
</programlisting>
</example>
Magic-quotes was added to reduce code written by beginners from being dangerous.
If you disable magic quotes, you must be very careful to protect yourself from
SQL injection attacks.
</para>
<simpara>
See also <function>addslashes</function>,
<function>stripslashes</function>,