当前位置: 首页 » php

Why are PHP's mysql

This question already has an answer here: Why shouldn't I use mysql_* functions in PHP? 14 answers The mysql extension is ancient and has been around since PHP 2.0, released 15 years ago (!!); which is a decidedly different beast than the modern PHP which tries to shed the bad practices of its past. The mysql extension is a very raw, low-level connector to MySQL which lacks many conven

2018-06-08 19:25:23

为什么PHP的mysql

这个问题在这里已经有了答案: 为什么我不应该在PHP中使用mysql_ *函数? 14个答案 MySQL扩展很古老,自从15年前发布PHP 2.0以来一直存在(!!); 这是一个与现代PHP试图摆脱过去的不良行为完全不同的野兽。 MySQL扩展是一个非常原始的,低级别的MySQL连接器,它缺乏许多便利功能,因此很难以安全的方式正确应用; 这对小菜是不好的。 许多开发人员不理解SQL注入,并且mysql API足够脆弱以至于难以防止它,即使您知道它。

2018-06-08 19:25:23

PHP 5.4 on IIS is adding slashes after quote automatically

My company recently switched to PHP. We have had no real issues until today. When I assign an string that has quotes inside it to a variable, the string will have slashes escaping the single quotes. This is a one week old fresh install of 5.4. I read that 5.4 does not have magic quotes. I searched the php.ini and did not find anything with magic in the name, so it must not be on. Example:

2018-06-08 19:24:21

IIS上的PHP 5.4在自动引用后添加斜杠

我的公司最近改用PHP。 直到今天我们还没有真正的问题。 当我将一个包含引号的字符串赋值给一个变量时,该字符串将会有斜杠转义单引号。 这是5.4周的一周新鲜安装。 我读到5.4没有魔术引号。 我搜索了php.ini,并没有在名称中找到任何有魔力的东西,所以它一定不能启动。 例: $sql = "Select Description from value where [Group]='auto_email_test'"; echo dbStr($sql, "0"); 当我调试时,$ sql会 "Select Descript

2018-06-08 19:24:21

Best method of disabling php magic quotes without php.ini or .htaccess

I am needing to write portable code that will run on a shared server with magic_qoutes_gpc enabled and I am unable to change that in php.ini or .htaccess. (the server is running php 5.2) It seems there are numerous functions to stripslaches from all of the $_GET , $_POST etc superglobals but I'm not sure which is the best. Also some comments here seem to say that the keys also have slashe

2018-06-08 19:22:17

禁用php.ini或.htaccess禁用php魔术引号的最佳方法

我需要编写可移植代码,该代码将在启用magic_qoutes_gpc的共享服务器上运行,并且我无法在php.ini或.htaccess中更改该代码。 (服务器运行php 5.2) 似乎有许多函数从$_GET , $_POST等超全球系列striplaches,但我不知道哪一个是最好的。 此处的一些评论似乎还说,关键字还添加了需要剥离的斜杠。 所以我应该使用PHP网站上的那个: if (get_magic_quotes_gpc()) { $process = array(&$_GET, &$_POST, &$_C

2018-06-08 19:22:17

What are magic quotes runtime in PHP?

I'm totally aware of the aberration of Magic Quotes in PHP, how it is evil and I avoid them like pest, but what are magic_quotes_runtime ? From php.ini: Magic quotes for runtime-generated data, eg data from SQL, from exec(), etc. Is is something I should check if ON and turn OFF with: set_magic_quotes_runtime(false); Is it often ON by default? I know it's deprecated in 5.3.0 and r

2018-06-08 19:21:15

什么是PHP中的魔术引号运行时?

我完全意识到PHP中魔术引号的畸变,它是如何邪恶的,我避免它们像害虫,但什么是magic_quotes_runtime ? 来自php.ini: 来自exec()等的运行时生成数据的魔术引号,例如来自SQL的数据。 是的,我应该检查如果打开并关闭: set_magic_quotes_runtime(false); 默认情况下它常常打开吗? 我知道它已在5.3.0中被弃用,并在6.0.0中被删除,但由于我的脚本支持5.1.0+,我想知道如何在“传统”PHP(如果相关)中处理这个问题。

2018-06-08 19:21:14

Magic quotes in PHP

According to the PHP manual, in order to make code more portable, they recommend using something like the following for escaping data: if (!get_magic_quotes_gpc()) { $lastname = addslashes($_POST['lastname']); } else { $lastname = $_POST['lastname']; } I have other validation checks that I will be performing, but how secure is the above strictly in terms of escaping data? I also saw th

2018-06-08 19:20:13

PHP中的魔术引号

根据PHP手册,为了使代码更具可移植性,他们推荐使用类似以下的方式来转义数据: if (!get_magic_quotes_gpc()) { $lastname = addslashes($_POST['lastname']); } else { $lastname = $_POST['lastname']; } 我还会执行其他验证检查,但严格地说,在转义数据方面上述安全性如何? 我还看到,魔术引号将在PHP 6中被弃用。这将如何影响上述代码? 我宁愿不必依赖数据库特定的转义函数,如mysql_real_escape_string(

2018-06-08 19:20:13

How to turn off magic quotes gpc for Joomla 3?

I want to turn off PHP's magic quotes. I don't have access to php.ini. Without this I am not able to install joomla 3.xx into server. For MAMP Steps: Go to MAMP application >> Preferences (button) >> PHP (tab) >> Choose 5.3.1 or greater >> choose OK . Go to the MAMP folder >> bin >> php >> php5.3.26 >> conf >> edit php.ini &

2018-06-08 19:19:11

如何关闭Joomla 3的魔术引号gpc?

我想关闭PHP的魔术引号。 我没有访问php.ini。 没有这个,我不能将joomla 3.xx安装到服务器中。 对于MAMP 脚步: 转到MAMP application >> Preferences (button) >> PHP (tab) >> Choose 5.3.1 or greater >> choose OK 。 转至MAMP folder >> bin >> php >> php5.3.26 >> conf >> edit php.ini >> add "magic_quotes_gpc = Off"几行上述&quo

2018-06-08 19:19:11

how to turn off magic quotes in .htaccess file for joomla?

I started using Joomla 3 and now have problems and on searching i found that magic quotes need to be off for it to function correctly. I put these lines in the .htaccess file php_value magic_quotes 0 php_flag magic_quotes off php_value magic_quotes_gpc 0 php_flag magic_quotes_gpc off and Now I am getting Internal Server Error.. how to disable magic quotes in .htaccess file in setup.php, c

2018-06-08 19:18:09

如何关闭joomla的.htaccess文件中的魔术引号?

我开始使用Joomla 3,现在有问题,并且在搜索时发现需要关闭魔术引号才能正常运行。 我把这些行放在.htaccess文件中 php_value magic_quotes 0 php_flag magic_quotes off php_value magic_quotes_gpc 0 php_flag magic_quotes_gpc off 现在我正在收到内部服务器错误.. 如何在.htaccess文件中禁用魔术引号 在setup.php中,更改代码: // Check for magic quotes gpc. $option = new stdClass; $option->label = JTex

2018-06-08 19:18:09

Magic quotes isn't off (Strange problam!)

I tried to turn off magic quotes in these places: /etc/php5/apache2/php.ini /etc/php5/cli/php.ini I'm sure all of them is "Off". but it's still ON in phpinfo()! Here is my phpinfo() magic_quotes_gpc On On magic_quotes_runtime Off Off magic_quotes_sybase Off Off The only way it works is add php_flag magic_quotes_gpc Off to .htaccess. Now I want to disable it in php.

2018-06-08 19:16:05

魔术引号没有关闭(奇怪的问题!)

我试图关闭这些地方的魔术引号: /etc/php5/apache2/php.ini /etc/php5/cli/php.ini我确定他们都是“关”。 但是它仍然在phpinfo()中开启! 这是我的phpinfo() magic_quotes_gpc On On magic_quotes_runtime Off Off magic_quotes_sybase Off Off 它工作的唯一方法是将php_flag magic_quotes_gpc Off添加到.htaccess。 现在我想在php.ini禁用它。 怎么能??? 编辑: phpinfo()显示: Configuration Fil

2018-06-08 19:16:05

Disabling magic quotes

Possible Duplicate: How to turn off magic quotes on shared hosting? I've been at my wits ends all day trying to disable magic quotes in my WordPress Theme... I've tried both the .htaccess and php.ini (and php5.ini) file methods but the .htaccess gave me a 500 internal sever error (my host is GoDaddy) and the php.ini method just didn't work. I've also tried the php method wi

2018-06-08 19:14:01

禁用魔术引号

可能重复: 如何关闭共享主机上的魔术引号? 我一直在努力在我的WordPress主题中禁用魔术语录 我已经尝试了.htaccess和php.ini(和php5.ini)文件方法,但.htaccess给了我一个500内部服务器错误(我的主机是GoDaddy),php.ini方法不起作用。 我也尝试了php方法,其中有很多我在网上找到的代码,这就是其中之一: if (get_magic_quotes_gpc()) { function remove_slash(&$value) { $value = stripslashes($value); }

2018-06-08 19:14:01

How to remove magic quotes if php.ini/.htaccess are not editable?

For some reason, all my quotes are being escaped and displayed as ". Previously, it was okay. Then I looked at phpinfo() and saw that my magic_quotes_gpc is turned on. However, I cannot find the directory /usr/local/lib/ where php.ini file is and I cannot edit my .htaccess file (gets 500 Internal Server Error). I tried putting this instead on top of my scripts file (which is included in al

2018-06-08 19:12:59

如果php.ini / .htaccess不可编辑,如何删除魔术引号?

出于某种原因,我的所有引号都被转义并显示为“。以前,它没问题。然后我看着phpinfo()并看到我的magic_quotes_gpc已打开。但是,我找不到目录/ usr / local / lib / php.ini文件在哪里,我无法编辑我的.htaccess文件(获取500内部服务器错误)。 我试着把它放在我的脚本文件的顶部(它包含在所有页面中): if (get_magic_quotes_gpc()) { $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);

2018-06-08 19:12:59