Home > Article > Backend Development > get_magic_quotes_gpc() function in php
This article introduces the functions related to character escaping in PHP and the relevant knowledge of the get_magic_quotes_gpc() function. Friends in need can refer to it.
PHP built-in function get_magic_quotes_gpc() gets the value of the magic_quotes_gpc option in the php.ini settings. magic_quotes_gpc option: If magic_quotes_gpc=On, the PHP parser will automatically add the escape character "" to the data from post, get, and cookie to ensure that these data will not cause fatal problems in programs, especially database statements due to contamination caused by special characters. mistake. In the case of magic_quotes_gpc=On, if the input data contains: Characters such as single quote (’), double quote (”), backslash (), and NUL (NULL character) will be backslashed. These escapes are required. If this option is off, then the addslashes function must be called to add escapes to the string. It is precisely because of the contradiction that this option must be On, but it also allows users to configure it, this option has been deleted in PHP6, and all programming needs to be performed under magic_quotes_gpc=Off. In such an environment, if the user's data is not escaped, the consequences are not just program errors. The same will cause the risk of database injection attacks. In order to welcome the arrival of php6, do not rely on this option to be on in the future. When magic_quotes_gpc=On, the function get_magic_quotes_gpc() will return 1. When magic_quotes_gpc=Off, the function get_magic_quotes_gpc() will return 0. Therefore, the get_magic_quotes_gpc() function is used to get the value of the environment variable magic_quotes_gpc. However, the magic_quotes_gpc option was deleted in PHP6, so this function may not exist in php6. |