Journal yintercept's Journal: Stripping Slashes 3
Zend's waffling on features like register globals and magic quotes has made programming more like walking through a minefield than simple scripting. To have the same script run on different servers, the script must detect current settings than act accordingly.
It is not that I have problems with the idea of detecting settings and acting accordingly. It is just that such actions are very inefficient in a scripting language. (It would not be a problem in a compiled language).
Anyway, I am trying to figure out how to write a program for populating a database that would work with MagicQuotes on or off. If this were a compiled language, I would simply write a replacement program for addslashes(). The program would not add slashes if slashes have already been added. Such a scheme would prevent the double slashing affect, but would fail when a person wants to add slashed data to the database. For example, if you were writing documentation for PHP, or were storing PHP code in a database.
It is not that I have problems with the idea of detecting settings and acting accordingly. It is just that such actions are very inefficient in a scripting language. (It would not be a problem in a compiled language).
Anyway, I am trying to figure out how to write a program for populating a database that would work with MagicQuotes on or off. If this were a compiled language, I would simply write a replacement program for addslashes(). The program would not add slashes if slashes have already been added. Such a scheme would prevent the double slashing affect, but would fail when a person wants to add slashed data to the database. For example, if you were writing documentation for PHP, or were storing PHP code in a database.
The way to do it: (Score:2)
get_magic_quotes_runtime(); [php.net]
Then:
Re: (Score:2)
Nice code. I like the recursive loop to catch nested arrays.
What really has me down is the difficulty in testing PHP code to determine which is the most efficient way to detect and respond to magic quotes for a production server. The code will be called hundreds of thousands of times a day. It may be more efficient to test for magic quotes only once, and striptags if the feature is on. This code might look like
It seems absurd to code that does
Re: (Score:2)
Actually, http://us2.php.net/ini_set [php.net] has a response in the middle somewhere that explains how to use an Apache