drpzr64329 2012-09-28 09:34
浏览 39
已采纳

有些字符会自动转义吗?

I'm inputting some fields into a database. One had a value of 

foto's

and when I checked in the $_POST[] where that was contained it had

foto\'s

does this happen automatically? I have (not yet) any escaping in my script.

Update: So it's the magic quotes that is doing it. The php.ini-file looked like this:

; Magic quotes
;

So I changed it to:

; Magic quotes
;

; Magic quotes for incoming GET/POST/Cookie data.
magic_quotes_gpc = Off

; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
magic_quotes_runtime = Off

; Use Sybase-style magic quotes (escape ' with '' instead of \').
magic_quotes_sybase = Off

; Use Sybase-style magic quotes (escape ' with '' instead of \').
magic_quotes_sybase = Off

But in phpinfo this is still on:

magic_quotes_gpc    On  On
  • 写回答

3条回答 默认 最新

  • douche1936 2012-09-28 09:35
    关注

    This is probably magic quotes in action. Disable them immediately and then follow the usual best practices to properly escape user-supplied input depending on what you are going to do with it.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥15 乌班图ip地址配置及远程SSH
  • ¥15 怎么让点阵屏显示静态爱心,用keiluVision5写出让点阵屏显示静态爱心的代码,越快越好
  • ¥15 PSPICE制作一个加法器
  • ¥15 javaweb项目无法正常跳转
  • ¥15 VMBox虚拟机无法访问
  • ¥15 skd显示找不到头文件
  • ¥15 机器视觉中图片中长度与真实长度的关系
  • ¥15 fastreport table 怎么只让每页的最下面和最顶部有横线
  • ¥15 java 的protected权限 ,问题在注释里
  • ¥15 这个是哪里有问题啊?