Before writing a php application that is not affected by Magic Quotes: you must read chapter 10th magic quotes from Section IV security in the php Manual ". If you haven't read it, it's okay. now it takes 10 minutes to take a look at this in the php
PHP magic quotes. The security of PHP lies in its default configuration of php. the ini-dist contains magic_quotes_gpcOn, which is called "MagicQuote". it is useful for PHP beginners. "Although the security of SQL injection in PHP lies in its
Recently found to do a PHP program form data submission to the content of the database, as long as the content with single or double quotes, a backslash will be added later. And every time you save a backslash, it's depressing.
So from the Internet
& Nbsp; the security of PHP lies in its default configuration of php. the ini-dist contains magic_quotes_gpcOn, which is called "MagicQuote". it is very useful for PHP beginners, "although SQL injection is still possible when magic quotes are opened,
The content from the PHP manual (http://php.net/manual/zh/security.magicquotes.what.php) is recorded.
When Magic quotes open, all '(single quotes),"(double quotes),\(backslashes), and NULL characters are automatically escaped with a backslash. This
This article describes the way to turn off magic quotes in PHP MAGIC_QUOTES_GPC, with the need for a friend reference.In PHP, the MAGIC_QUOTES_GPC instruction is only closed at the system level and cannot be closed at run time. You cannot use
When you use PHP for Web development, the entry needs to pay attention to some security configuration items, turn off some features, to prevent users inadvertently appear a variety of problems.
1. turn off the PHP prompt error feature
Change the
The server space provided by the general space provider default PHP instruction MAGIC_QUOTES_GPC is on, which is open. You can then use the stripslashes () function to remove the automatically added backslash. Usage is: For example, the variable
PHP Tutorial Configuration Chinese Narration
Let's see what you see, php.ini.
[PHP]
;;;;;;;;;;;; WARNING;;;;;;;;;;;;; This is the default settings file for new PHP installations.; By default, PHP installs itself with a configuration suitable for;
Magic method is a two underline "__" The beginning, has a special role of some methods, can be seen as PHP's "grammatical sugar."
Grammatical sugars are grammars that do not add new functionality to computer languages but are more "sweet" to humans.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.