Security Basics mailing list archives
magic_quotes
From: Pablo Fernández <newsclient () teamq info>
Date: Sat, 18 Jun 2005 01:28:42 +0200
Hi everybody I been coding for the last couple of days with PHP+MySQL and I've been relaying A LOT in magic_quotes. I am wondering if it's (at least for the moment) a safe thing to do. For example, consider the following code $GDATA = (object) $_GET; $PDATA = (object) $_POST; if ($GDATA) $DATA = $GDATA; else $DATA = $PDATA; $q = mysql_query ("SELECT * FROM whatever WHERE id = '$DATA->id'"); How safe is this? I would appreciate hints & thoughts (TM) Thanks, Pablo Fernandez
Current thread:
- magic_quotes Pablo Fernández (Jun 20)
- RE: magic_quotes Steve Hillier (Jun 20)
- Re: magic_quotes Christoph 'knurd' Jeschke (Jun 21)
- RE: magic_quotes Steve Hillier (Jun 22)
- Re: magic_quotes Pablo Fernández (Jun 22)
- Re: magic_quotes Christoph 'knurd' Jeschke (Jun 22)
- Re: magic_quotes Christoph 'knurd' Jeschke (Jun 21)
- RE: magic_quotes Steve Hillier (Jun 20)
- Re: magic_quotes Ben Sytko (Jun 20)
- <Possible follow-ups>
- Re: RE: magic_quotes miguel . vieira (Jun 22)
- Re: magic_quotes maarten (Jun 24)
- Re: magic_quotes Christoph 'knurd' Jeschke (Jun 27)
- Re: magic_quotes mickael kael (Jun 27)