开发者

Anything in here that would escape string (PHP)

$_GET['search'] = ucfirst(strtolower(str_replace("_"," ",urldecode($_GET['search']))));

For some reason it's adding slashes into the string similar to mysqL_escape_string, anyone got any ideas what would be causing it?开发者_运维知识库


You have most probably magic_quotes_gpc set to on in php.ini. If you want to avoid that, make a check like this:

if (get_magic_quotes_gpc())
{
   $mytext = stripslashes($your_text);
}

// and your further code....


Check to see if magic_quotes_gpc is enabled on your server. If this is enabled, PHP automatically escapes anything from _GET _POST or _COOKIES.

See: http://php.net/manual/en/security.magicquotes.php


It sounds like magic_quotes_gpc is turned on. You can get the setting with get_magic_quotes_gpc().

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜