Analysis of security issues caused by PHP magic quotes, magic quotes. Analysis of security problems caused by PHP magic quotes. magic quotes PHP may cause security problems by extracting the "" character produced by Magic Quotes. for example, the
Blankyao said, "The process of learning is to constantly find mistakes, and constantly correct mistakes";
Let's see what the manual says!
For the average person, look at the first two paragraphs.
Magic Quotes
Code:
Magic Quotes is a process this
PHP Magic Quotes brings security issues analysis, magic quotes
The "\" character generated by PHP by extracting magic quotes poses some security problem, such as the following snippet:
Foo.php?xigr= ' Ryatfunction daddslashes ($string, $force = 0) {
The format of a string is the processing of a string into a particular format. Usually the data that the user gives to the server from the form is in the form of strings, and in order to achieve the desired output, the strings need to be processed
The PHPjson string is used to process special characters (single quotation marks, double quotation marks ). PHP json string processing of special characters (single quotation marks, double quotation marks) Preface: form forms use POST, GET, and
Recently found to do a PHP program form data submission to the content of the database, as long as the content with single or double quotes, a backslash will be added later. And every time you save a backslash, it's depressing.
So from the Internet
PHP Tutorial Configuration Chinese Narration
Let's see what you see, php.ini.
[PHP]
;;;;;;;;;;;; WARNING;;;;;;;;;;;;; This is the default settings file for new PHP installations.; By default, PHP installs itself with a configuration suitable for;
When processing mysql, GET, and POST data, you often need to escape the data quotation marks. PHP has three settings for automatic (single quotation marks), (double quotation marks), (backslash) and NULL character rotation. PHP calls it magic quotes.
1, the string connectorHalf-width symbol "." is a string connector that connects two or more two strings to a string. For example:$name = "cloud-dwelling Community network:";$url = WWW.51EBK;Echo $name. $url. ". com";?>The results of the operation
If you use codeIgniter (CI) as a website friend, you will find that any url of the website will contain an index by default. php, from the SEO perspective, has little impact on the website, but it is very uncomfortable for the beauty of the url,
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.