Home > Article > Backend Development > Description of get_magic_quotes_gpc() function in php_PHP tutorial
Description of get_magic_quotes_gpc() function in php_PHP tutorial
- WBOYOriginal
- 2016-07-13 10:47:56872browse
The get_magic_quotes_gpc function is used to determine whether to add slashes to the data provided by the user. This is in the php.ini configuration file. Let me introduce the get_magic_quotes_gpc() function description.
get_magic_quotes_gpc function Introduction
Get the value of PHP environment variable magic_quotes_gpc, which is a PHP system function.
Syntax: long get_magic_quotes_gpc(void);
Return value: long integer
This function obtains the value of the variable magic_quotes_gpc (GPC, Get/Post/Cookie) in the PHP environment configuration. Returning 0 means turning off this function; returning 1 means turning this function on.
When magic_quotes_gpc is turned on, all ‘ (single quote), ” (double quote), (backslash) and null characters will automatically be converted to overflow characters containing backslash.
magic_quotes_gpc sets whether to automatically add a backslash to the '" in the data sent by GPC (get, post, cookie). You can use get_magic_quotes_gpc() to detect the system settings.
If this setting is not turned on, you can use the addslashes() function to add it. Its function is to add backslashes before certain characters when required in database query statements.
These characters are single quote (’), double quote (”), backslash () and NUL (NULL character).
By default, the PHP directive magic_quotes_gpc is on, which mainly automatically runs addslashes() on all GET, POST and COOKIE data.
Do not use addslashes() on strings that have been escaped by magic_quotes_gpc, as this will result in double escaping. When encountering this situation, you can use the function get_magic_quotes_gpc() to detect it.
Example
The correct way to use get_magic_quotes_gpc() to prevent database attacks
The code is as follows
|
Copy code
{
if (get_magic_quotes_gpc())
}
{
} | ||||||
}