For Magic quotes, it is a commonplace question for phper. Today I accidentally see an article, combined with PHP Manual and its reply, here to do a simple summary.
In short, the input data is automatically escaped when the Magic quotes is turned on.
Analysis of security issues caused by PHP magic quotes, magic quotes. Analysis of security problems caused by PHP magic quotes. magic quotes PHP may cause security problems by extracting the "" character produced by Magic Quotes. for example, the
PHP Magic Quotes brings security issues analysis, magic quotes
The "\" character generated by PHP by extracting magic quotes poses some security problem, such as the following snippet:
Foo.php?xigr= ' Ryatfunction daddslashes ($string, $force = 0) {
Before writing a php application that is not affected by Magic Quotes: you must read chapter 10th magic quotes from Section IV security in the php Manual ". If you haven't read it, it's okay. now it takes 10 minutes to take a look at this in the php
PHP magic quotes. The security of PHP lies in its default configuration of php. the ini-dist contains magic_quotes_gpcOn, which is called "MagicQuote". it is useful for PHP beginners. "Although the security of SQL injection in PHP lies in its
1. What is the function of magic quotes?
?The Magic quote design was designed to escape from a database or file and receive parameters from a request, with single quotes, double quotes, backslashes, and null plus a backslash, which works
& Nbsp; the security of PHP lies in its default configuration of php. the ini-dist contains magic_quotes_gpcOn, which is called "MagicQuote". it is very useful for PHP beginners, "although SQL injection is still possible when magic quotes are opened,
One, Magic quotes 1. MAGIC_QUOTES_GPC variableWhat is Magic QuotesWarningThis feature has been deprecated since PHP 5.3.0 and will be removed from PHP 5.4.0.When turned on, all ' (single quotes), "(double quotes), \ (backslash), and NULL characters
Original works author Water Mengchun, reproduced please specify the source lib.cublog.cnRead the premise: you must read the " Part IV Security" chapter "10th Magic Quotes" in the PHP manual. If you haven't seen it, it's no problem, now take 10
One, what is magic quotes
Reminder: This feature has been discarded from PHP 5.3.0 and will be removed from PHP 5.4.0.So after version 5.4 the PHP profile is not found with the configuration information of the magic quotes
When opened, all '
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.