WebApp Sec mailing list archives
Re: Magic Quotes
From: Tomek Perlak <tomekperlak () tlen pl>
Date: Tue, 10 Oct 2006 12:19:50 +0200
DokFLeed wrote:
(..)if there is noway around Magic Quotes, then why is every developer against it ?Dok
I guess it's because it adds a layer of complexity to your code?Some servers have MQs on, some don't (and you might not have any control over that), so you have to code for two cases.
Also, if data sanitation is being done using other functions (such as mysql_real_escape_string if you happen to use mysql), the MQs feature is a nuisance to deal with, to say the least.
// tp; ------------------------------------------------------------------------- Sponsored by: WatchfireWatchfire has new programs available for pen testers and consultants to use AppScan in client engagements. AppScan is the leading Web application assessment tool. Want to see it for yourself? Take a look today!
https://www.watchfire.com/securearea/appscancamp.aspx?id=701500000008YSz --------------------------------------------------------------------------
Current thread:
- Google code search Stephen de Vries (Oct 04)
- Re: Google code search Zapotek (Oct 05)
- Re: Google code search Ryan Barnett (Oct 05)
- Magic Quotes DokFLeed (Oct 09)
- Message not available
- Re: Magic Quotes DokFLeed (Oct 10)
- Message not available
- Re: Magic Quotes Tomek Perlak (Oct 10)
- RE: Magic Quotes Matt Fisher (Oct 11)
- Re: Magic Quotes Steve Slater (Oct 11)
- Re: Magic Quotes DokFLeed (Oct 15)
- Re: Magic Quotes Brad Lhotsky (Oct 16)
- Message not available
- Re: Magic Quotes DokFLeed (Oct 17)
- Re: Magic Quotes Brad Lhotsky (Oct 17)
- Re: Magic Quotes DokFLeed (Oct 17)