PHP-Logo
Druckansicht von http://www.php-homepage.de/manual/security.magicquotes.whynot.php

PHP-Logo
[ Main Menue ]
Homepage
Downloads
Artikel
Scripts
Forum
PHP-Manual
Links
News
Freelancer
Bücher
RuDolF
Suche
Misc
Über diese Seite
Kontakt
Wunschzettel
MyGuestbook
*
[ Suche ]
*
[ Manual ]
*

Follow on Twitter - @phphomepage

RSS Feed blogoscoop
 Why did we use Magic Quotes  Letztes Update:
18.05.2012
 Disabling Magic Quotes 

Why not to use Magic Quotes

Warnung

Dieses Feature ist seit PHP 5.3.0 DEPRECATED (veraltet) und seit PHP 5.4.0 ENTFERNT.

  • Portability Assuming it to be on, or off, affects portability. Use get_magic_quotes_gpc() to check for this, and code accordingly.
  • Performance Because not every piece of escaped data is inserted into a database, there is a performance loss for escaping all this data. Simply calling on the escaping functions (like addslashes()) at runtime is more efficient. Although php.ini-development enables these directives by default, php.ini-production disables it. This recommendation is mainly due to performance reasons.
  • Inconvenience Because not all data needs escaping, it's often annoying to see escaped data where it shouldn't be. For example, emailing from a form, and seeing a bunch of \' within the email. To fix, this may require excessive use of stripslashes().
© Copyright 1999 - 2011 by Mark Kronsbein | Impressum | NutzungsbedingungenWeiterempfehlen | Seitenanfang
0.0017