robert_gsfame Posted January 25, 2010 Share Posted January 25, 2010 I just wonder what is the use of get_magic_quotes_gpc() function compared to mysql_real_escape_string() As far as i know, get_magic_quotes_gpc() will add slash to all special characters like '', " ", \ so does the mysql_real_escape_string() What makes this 2 functions different?? and if it has the same function, then is it safe enough to use get_magic_quotes() Thx for any helps Link to comment https://forums.phpfreaks.com/topic/189673-get_magic_quotes_gpc-and-mysql_real_escape_string/ Share on other sites More sharing options...
MadTechie Posted January 25, 2010 Share Posted January 25, 2010 magic quotes are EVIL and have been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 6.0.0. Relying on this feature is highly discouraged. so for using STRING's in SQL use mysql_real_escape_string Link to comment https://forums.phpfreaks.com/topic/189673-get_magic_quotes_gpc-and-mysql_real_escape_string/#findComment-1001032 Share on other sites More sharing options...
robert_gsfame Posted January 25, 2010 Author Share Posted January 25, 2010 Okay, so what i have to do is to use mysql_real_escape_string() and use htmlspecialchars(stripslashes($value)) or htmlentities(stripslashes($value)) to retrieve the records.. is this correct?? Link to comment https://forums.phpfreaks.com/topic/189673-get_magic_quotes_gpc-and-mysql_real_escape_string/#findComment-1001033 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.