 |  |  |  |  |  |  |  |
what does this code do?
Please support our PHP advertiser: PostgreSQL or MySQL? Compare and contrast the two most popular open source databases
 |
Am not too sure what this code does can someone help me please?
I know it starts a session but what all that xtra validation?
// start the session
session_start();
if (!get_magic_quotes_gpc()) {
if (isset($_POST)) {
foreach ($_POST as $key => $value) {
$_POST[$key] = trim(addslashes($value));
}
}
I know it starts a session but what all that xtra validation?
// start the session
session_start();
if (!get_magic_quotes_gpc()) {
if (isset($_POST)) {
foreach ($_POST as $key => $value) {
$_POST[$key] = trim(addslashes($value));
}
}
It "escapes" certain characters. You need to look at the "addslashes" procedure to get a complete picture.
•
•
Join Date: Sep 2005
Posts: 1,081
Reputation: 
Solved Threads: 66
•
•
•
•
Originally Posted by nike123
Am not too sure what this code does can someone help me please?
I know it starts a session but what all that xtra validation?
// start the session
session_start();
if (!get_magic_quotes_gpc()) {
if (isset($_POST)) {
foreach ($_POST as $key => $value) {
$_POST[$key] = trim(addslashes($value));
}
}
If magic quotes is turned off, the function then escapes all special chars in the $_POST http vars.
the function trim just removes white space and new lines, \n, from the beginning and end of each string $_POST var.
So essentially the function emulates magic qoutes turned on on any php configuration.
I dont believe this is a good practise. First off, you dont need to escape every single $_POST, $_GET, $_COOKIE var, only those you will be saving to a sql db, and those you will use in an sql query.
Also each sql db needs its data escaped differently.
A better approach would be to use one of the mysql library functions such as mysql_real_escape_string.
To use this function you need to have an open mysql connection.
see: http://us3.php.net/mysql_real_escape_string
www.fijiwebdesign.com - web design and development and fun
Cpanel Email - Let users Register email accounts on your website upon registration
Ajax Chat - Fully browser based chat!
Cpanel Email - Let users Register email accounts on your website upon registration
Ajax Chat - Fully browser based chat!
|
Similar Threads
- Code 19 Registry Error (Windows NT / 2000 / XP)
- Why won't this code work? (VB.NET)
- Need help with DirectX code (C)
- Tutorials & Code Submissions - Questions? (DaniWeb Community Feedback)
- Some Basic Code Hopefully (Help Needed) (HTML and CSS)
Other Threads in the PHP Forum
- Previous Thread: second page error
- Next Thread: how can i display this in white ?????
| Thread Tools | Search this Thread |
Latest PHP Posts
- Today's Posts
- Unanswered Threads
Related Forum Features
.htaccess ajax apache api array beginner binary broken buttons cakephp checkbox class cms code cron curl database date directory display download dynamic ebooks echo email error file files folder form forms function functions google href htaccess html image include insert integration ip java javascript joomla limit link login loop mail mediawiki menu mlm mod_rewrite multiple mysql number oop paypal pdf php phpincludeissue phpmyadmin problem query radio random recursion regex remote script search server sessions sms soap source sp space speed sql subdomain syntax system table tag tutorial update upload url validation validator variable vbulletin video web websphere white xml youtube
