发表新帖
发表新帖

Is it necessary to use mysql_real_escape_string(), when magic_quotes_gpc is on?

前端 未结
关注
4 1338
长发绾君心
长发绾君心 2021-01-03 18:47

To prevent SQL injection, is it necessary to use mysql_real_escape_string(), when magic_quotes_gpc is on?

4条回答
  • 失恋的感觉
    失恋的感觉 (楼主)
    2021-01-03 19:18

    Looking at the documentation; http://php.net/manual/en/function.mysql-real-escape-string.php

    Note: If magic_quotes_gpc is enabled, first apply stripslashes() to the data. Using this function on data which has already been escaped will escape the data twice.

    You can check if magic_quotes_gpc is on, see example; http://php.net/manual/en/function.get-magic-quotes-gpc.php

    0 讨论(0)
 看不清?
提交回复
热议问题