Charles McNulty schrieb:
Am I all alone in thinking that uniformly removing or adding all slashes to the POST and GET variables once at the top of the program is a better implementation than modifying every line of code that uses these variables?
i agree with you, i just would go one step further and introduce a warning depending on a configuration setting.
e.g. // BE WARNED, this setting is just a workaround, consider deactivating // magic_quotes_gpc in your php.ini // setting this option to TRUE will remove the warning displayed if // you have magic_quotes set to on. $rcmail_config['display_warning on_use_magic_quotes'] = FALSE;
if rc detects magic_quotes_gpc=on always do the workaround and display always a warning but with a hint, where to deactivate this warning. This way we spread the information about the magic_quotes problem and reduce support questions.
Kind regards
Florian Sperber