 |  |  |  |  |  |  |  |
what does this code do?
Please support our PHP advertiser: PostgreSQL or MySQL? Compare and contrast the two most popular open source databases
 |
Am not too sure what this code does can someone help me please?
I know it starts a session but what all that xtra validation?
// start the session
session_start();
if (!get_magic_quotes_gpc()) {
if (isset($_POST)) {
foreach ($_POST as $key => $value) {
$_POST[$key] = trim(addslashes($value));
}
}
I know it starts a session but what all that xtra validation?
// start the session
session_start();
if (!get_magic_quotes_gpc()) {
if (isset($_POST)) {
foreach ($_POST as $key => $value) {
$_POST[$key] = trim(addslashes($value));
}
}
It "escapes" certain characters. You need to look at the "addslashes" procedure to get a complete picture.
•
•
Join Date: Sep 2005
Posts: 1,075
Reputation: 
Solved Threads: 66
•
•
•
•
Originally Posted by nike123
Am not too sure what this code does can someone help me please?
I know it starts a session but what all that xtra validation?
// start the session
session_start();
if (!get_magic_quotes_gpc()) {
if (isset($_POST)) {
foreach ($_POST as $key => $value) {
$_POST[$key] = trim(addslashes($value));
}
}
If magic quotes is turned off, the function then escapes all special chars in the $_POST http vars.
the function trim just removes white space and new lines, \n, from the beginning and end of each string $_POST var.
So essentially the function emulates magic qoutes turned on on any php configuration.
I dont believe this is a good practise. First off, you dont need to escape every single $_POST, $_GET, $_COOKIE var, only those you will be saving to a sql db, and those you will use in an sql query.
Also each sql db needs its data escaped differently.
A better approach would be to use one of the mysql library functions such as mysql_real_escape_string.
To use this function you need to have an open mysql connection.
see: http://us3.php.net/mysql_real_escape_string
www.fijiwebdesign.com - web design and development and fun
Cpanel Email - Let users Register email accounts on your website upon registration
Ajax Chat - Fully browser based chat!
Cpanel Email - Let users Register email accounts on your website upon registration
Ajax Chat - Fully browser based chat!
|
Similar Threads
- Code 19 Registry Error (Windows NT / 2000 / XP)
- Why won't this code work? (VB.NET)
- Need help with DirectX code (C)
- Tutorials & Code Submissions - Questions? (DaniWeb Community Feedback)
- Some Basic Code Hopefully (Help Needed) (HTML and CSS)
Other Threads in the PHP Forum
- Previous Thread: second page error
- Next Thread: how can i display this in white ?????
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest PHP Posts
- Today's Posts
- Unanswered Threads
action address ajax apache api array auto autoincrement beginner binary broken cakephp checkbox class classes cms code cron curl database date dehasher destroy display domain dynamic echo email error errorlog file files folder form format forms function functions google href htaccess html image include insert interactive ip java javascript joomla limit link load login mail malfunctioning masterthesis menu mlm multiple mysql nodes oop paypal pdf php popup problem query radio ram random record recursion reference remote return script search server sessions sms source space sql syntax system table tutorial unset update upload url validation validator variable video web websitecontactform youtube
