This process could
be done either automatically, by enabling the directive magic_quotes_gpc (introduced in this
section), or manually, by using the functions addslashes() and stripslashes(). The latter
strategy is recommended because it enables you to wield total control over the application, although in
those cases where you??™re trying to use an application in which the automatic escaping of quotations
is expected, you??™ll need to enable this behavior accordingly.
Three parameters have long determined how PHP behaves in this regard: magic_quotes_
gpc, magic_quotes_runtime, and magic_quotes_sybase. However, because this feature has
long been a source of confusion among developers, it??™s been removed as of PHP 6.
magic_quotes_gpc = On | Off
Scope: PHP_INI_SYSTEM; Default value: On
This parameter determines whether magic quotes are enabled for data transmitted
via the GET, POST, and cookie methodologies. When enabled, all single and
double quotes, backslashes, and null characters are automatically escaped with a
backslash.
magic_quotes_runtime = On | Off
Scope: PHP_INI_ALL; Default value: Off
Enabling this parameter results in the automatic escaping (using a backslash) of any
quote marks located within data returned from an external resource, such as a database
or text file.
44 CHAPTER 2 ?– CONFIGURING YOUR ENV IRONMENT
magic_quotes_sybase = On | Off
Scope: PHP_INI_ALL; Default value: Off
This parameter is only of interest if magic_quotes_runtime is enabled.
Pages:
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127