seven7htangent
New Member
- Messages
- 6
- Reaction score
- 0
- Points
- 0
From what i've discerned via the forums, magic_quotes() is enabled by default in all but PHP level 3.
This is problematic, as i'm using mysql_real_escape_string() (which, as i understand, has become the standard, replacing magic_quotes, as it is more secure against injection attacks), and the combination causes slashes to appear in comments where quotes are double-escaped. Also, links processed through the CMS and inserted into the database in the same manner don't work, because their HREF looks like: http://www.16thmission.com/\"http://www.link.com\" i then have to log in via phpMyAdmin and correct this manually.
When applied for PHP level 3,
my request was denied because i have a newer account, so i'm currently using Intermediate, and of course, the problem persists. Could you please disable magic_quotes, or let me know how else i might go about rectifying this?
Thank you!
This is problematic, as i'm using mysql_real_escape_string() (which, as i understand, has become the standard, replacing magic_quotes, as it is more secure against injection attacks), and the combination causes slashes to appear in comments where quotes are double-escaped. Also, links processed through the CMS and inserted into the database in the same manner don't work, because their HREF looks like: http://www.16thmission.com/\"http://www.link.com\" i then have to log in via phpMyAdmin and correct this manually.
When applied for PHP level 3,
my request was denied because i have a newer account, so i'm currently using Intermediate, and of course, the problem persists. Could you please disable magic_quotes, or let me know how else i might go about rectifying this?
Thank you!
