security.magicquotes.html

来自「php的帮助文档,涉及到PHP的案例和基本语法,以及实际应用内容」· HTML 代码 · 共 96 行

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
 <head>
  <title>Magic Quotes</title>
  <meta http-equiv="content-type" content="text/html; charset=UTF-8">
 </head>
 <body><div style="text-align: center;">
 <div class="prev" style="text-align: left; float: left;"><a href="security.variables.html">User Submitted Data</a></div>
 <div class="next" style="text-align: right; float: right;"><a href="security.magicquotes.why.html">Why use Magic Quotes</a></div>
 <div class="up"><a href="security.html">Security</a></div>
 <div class="home"><a href="index.html">PHP Manual</a></div>
</div><hr /><div>
   <h1>Magic Quotes</h1>
<h2>Table of Contents</h2><ul class="chunklist chunklist_chapter"><li><a href="security.magicquotes.why.html">Why use Magic Quotes</a></li><li><a href="security.magicquotes.whynot.html">Why not to use Magic Quotes</a></li><li><a href="security.magicquotes.disabling.html">Disabling Magic Quotes</a></li></ul>

   <div class="warning"><b class="warning">Warning</b><p class="simpara">This feature has been
<em class="emphasis">DEPRECATED</em> and <em class="emphasis">REMOVED</em> as of PHP 6.0.0.
Relying on this feature is highly discouraged.</p></div>
   <p class="para">
    Magic Quotes is a process that automagically escapes incoming data to the 
    PHP script. It&#039;s preferred to code with magic quotes off and to instead
    escape the data at runtime, as needed.
   </p>

   <div id="security.magicquotes.what" class="sect1">
    <h2 class="title">What are Magic Quotes</h2>
    <p class="para">
     When on, all <i>&#039;</i> (single-quote), <i>&quot;</i> 
     (double quote), <i>\</i> (backslash) and <i>NULL</i> 
     characters are escaped with a backslash automatically.  This is identical
     to what <a href="function.addslashes.html" class="function">addslashes()</a> does.
    </p>
    <p class="para">
     There are three magic quote directives:
    </p>
    <ul class="itemizedlist">
     <li class="listitem">
      <span class="simpara">
       <a href="info.configuration.html#ini.magic-quotes-gpc" class="link">magic_quotes_gpc</a>
      </span>
      <span class="simpara">
       Affects HTTP Request data (GET, POST, and COOKIE). Cannot be set at 
       runtime, and defaults to <em class="emphasis">on</em> in PHP.
      </span>
      <span class="simpara">
       See also <a href="function.get-magic-quotes-gpc.html" class="function">get_magic_quotes_gpc()</a>.
      </span>
     </li>
     <li class="listitem">
      <span class="simpara">
       <a href="info.configuration.html#ini.magic-quotes-runtime" class="link">magic_quotes_runtime</a>
      </span>
      <span class="simpara">
       If enabled, most functions that return data from an external source, 
       including databases and text files, will have quotes escaped with a 
       backslash. Can be set at runtime, and defaults to <em class="emphasis">off</em>
       in PHP.
      </span>
      <span class="simpara">
       See also <a href="function.set-magic-quotes-runtime.html" class="function">set_magic_quotes_runtime()</a> and
       <a href="function.get-magic-quotes-runtime.html" class="function">get_magic_quotes_runtime()</a>.
      </span>
     </li>
     <li class="listitem">
      <span class="simpara">
       <a href="sybase.configuration.html#ini.magic-quotes-sybase" class="link">magic_quotes_sybase</a>
      </span>
      <span class="simpara">
       If enabled, a single-quote is escaped with a single-quote instead of a 
       backslash.  If on, it completely overrides 
       <a href="info.configuration.html#ini.magic-quotes-gpc" class="link">magic_quotes_gpc</a>. Having 
       both directives enabled means only single quotes are escaped as 
       <i>&#039;&#039;</i>. Double quotes, backslashes and NULL&#039;s will 
       remain untouched and unescaped.
      </span>
      <span class="simpara">
       See also <a href="function.ini-get.html" class="function">ini_get()</a> for retrieving its value.
      </span>
     </li>
    </ul>
   </div>

   

   

   

  </div>
<hr /><div style="text-align: center;">
 <div class="prev" style="text-align: left; float: left;"><a href="security.variables.html">User Submitted Data</a></div>
 <div class="next" style="text-align: right; float: right;"><a href="security.magicquotes.why.html">Why use Magic Quotes</a></div>
 <div class="up"><a href="security.html">Security</a></div>
 <div class="home"><a href="index.html">PHP Manual</a></div>
</div></body></html>