Jump to content


Photo

The meaning of get_magic_quotes_gpc()


  • Please log in to reply
5 replies to this topic

#1 lucerias

lucerias
  • Members
  • PipPipPip
  • Advanced Member
  • 101 posts

Posted 02 October 2006 - 09:13 AM

Can anyone explain get_magic_quotes_gpc() to me? i have gone through the definition of PHP from site but can't really get the point. Thank you.

#2 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 02 October 2006 - 09:23 AM

In short:
Returns the current configuration setting of magic_quotes_gpc which is set in the php.ini

So if the magic_quotes_gpc is set to 1 or TRUE the get_magic_quotes_gpc function will return true. If magic_quotes_gpc is set to 0 or FALSE get_magic_quotes_gpc function will return false.

magic_quotes escapes quotes from within a string which is PHPs way of making user input safe for you to use.

#3 Jenk

Jenk
  • Members
  • PipPipPip
  • Advanced Member
  • 778 posts

Posted 02 October 2006 - 01:26 PM

A semantic correction: get_magic_quotes_gpc() returns 0 or 1.

#4 lucerias

lucerias
  • Members
  • PipPipPip
  • Advanced Member
  • 101 posts

Posted 03 October 2006 - 01:04 AM

Thanks guys, i know that it returns bool true or false but what is this config about? I am not asking on or off but the purpose of magic_quotes_gpc() itself.

#5 printf

printf
  • Staff Alumni
  • Advanced Member
  • 889 posts

Posted 03 October 2006 - 01:42 AM

It was a safety feature, originally designed to help new coders starting to learn PHP. Because PHP learning curve is some what easy compared to Perl or other higher level languages you end up with many people who want just the end result, they don't care about learning how to set a good coding standard that they should follow. This results in thousands of hacked script floating around the Internet that are dangerous. So my hosts started implementing magic_quotes so as to protect their servers from all of these dangerous scripts! But this can cause even more problems, if you don't check if magic_quotes is on and then you addslashes to already escaped string. Adding slashes like anything else you do, should be done in a selective way, because it senseless to addslashes to a variable value that doesn't need it.

me!

#6 lucerias

lucerias
  • Members
  • PipPipPip
  • Advanced Member
  • 101 posts

Posted 03 October 2006 - 02:27 AM

Thank you printf, your explanation is impressive.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users