•  20-06-2021
  •  | 
  •  

Question

According to the PHP manual:

Sets the magic_quotes state for GPC (Get/Post/Cookie) operations. When magic_quotes are on, all ' (single-quote), " (double quote), \ (backslash) and NUL's are escaped with a backslash automatically.

But does this also apply for $_REQUEST variables?

Was it helpful?

Solution

Yes it does since $_REQUEST is derived from content stored in $_GET, $_POST and $_COOKIE. However as I am sure you already noticed relying on magic_quotes in any way is considered bad practice which is why it was ultimately removed as of PHP 5.4.

OTHER TIPS

The $_REQUEST variables are the same as the GPC variables.

Remember that magic_quotes_gpc has been removed from PHP as of version 5.4. It's recommended that you do not rely on its presence and do not use it for new projects.

Yes, but you shouldn't be using magic quotes.

Read http://uk.php.net/manual/en/security.magicquotes.whynot.php before you go any further.

Yes, magic_quotes_gpc affect $_GET. $_POST, $_COOKIE, $_REQEUST.

FYI: use of magic quotes it's evil and deprecated. Check the official PHP page on how to disable magic_quotes_gpc runtime using a workaround.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top