according to this: http://us2.php.net/manual/en/security.magicquotes.disabling.php
magic_quotes can not be turned off at runtime.
-Charles
Dean Jones wrote:
Ok, we can just use set_magic_quotes(0), I see. I've never seen the get/set_magic_quotes function and just always removed slashes with stripslashes in order to keep code protable. I just think we should take care of it in order to stay user friendly and not force people to edit their PHP configuration just to use roundcube. Just my .02.
On Fri, 17 Feb 2006 16:51:31 +0100, Håkan Lindqvist lindqvist@netstar.se wrote:
No, it doesn't...
It only does this if magic_quotes is on, and having that turned on is not very sane.
The right thing to do really is to ensure that magic_quotes is always off in Roundcube's scope.
/Håkan
On fre, 2006-02-17 at 10:38 -0500, Dean Jones wrote:
Unless it's something I don't know about... However, PHP add's slashes
to quote to any POST data. That's why PHP has a built in function called stripslashes and addslashes. You're supposed to run stripslashes on any POST data that is to be displayed, really...
On Fri, 17 Feb 2006 16:36:55 +0100, Mykeul myk3ul@gmail.com wrote:
It is the magic_quotes problem, isnt it ?
On 2/17/06, Dean Jones deanj@cleancode.org wrote:
Umm... That's silly. They're definitely needed. Try sending an
and put quotes around something or use a single quote. The message
ends
up
like this:
He said "Hi"
and
Wouldn't you like to know.
Using stripslashes removes those uneccessary escape slashes around
quotes.
It's absolutely needed.
On Fri, 17 Feb 2006 10:08:41 +0100, Håkan Lindqvist
wrote:
I don't understand why it should be necessary to use stripslashes
in
the
first place. The slashes shouldn't be there in the first place,
except
in SQL queries.
To me it seems that stripslashes isn't what we're looking for.
/Håkan
On tor, 2006-02-16 at 22:47 -0500, Dean Jones wrote: > Look like someone forgot to use stripslashes on the subject and
body
of
the > messages... :) > > Is there a standard for checking in patches if you have access to
CVS?
I've > fixed this, but I wanted to check and see what the procedure was
for
checking > in small fixes like this. > > Dean > > >