[geeklog-devel] Forum Issues

Blaine Lang langmail at sympatico.ca
Wed Feb 26 15:40:53 EST 2003 

Ok, so it's detecting the setting correctly AND it also looks like the data
is escaped properly as well.

If I'm reading the log correctly..
> ('7','Admin','1046291187',1046291187,'','','it\'s\'','test 1 it\'s won\'t

The quotes are escaped.

Blaine

----- Original Message -----
From: "Dwight Trumbower" <dwight at trumbower.com>
To: <geeklog-devel at lists.geeklog.net>
Sent: Wednesday, February 26, 2003 3:29 PM
Subject: Re: [geeklog-devel] Forum Issues


> Results.
>
> Wed Feb 26 15:26:27 2003 - magic_quotes_gpc is on
> Wed Feb 26 15:26:27 2003 - magic_quotes_gpc is on
> Wed Feb 26 15:26:27 2003 - magic_quotes_gpc is on
> Wed Feb 26 15:26:27 2003 - 1064: You have an error in your SQL syntax near
> 's
>
won\'t</code></pre>','html','64.91.71.140','','icon_file','2','0','0','
0''
> at line 2 SQL in question: INSERT INTO gl_forum_topic
> (forum,name,date,lastupdated,
>
email,website,subject,comment,postmode,ip,mood,topicimg,uid,pid,sticky,locke
d)
>                              VALUES
> ('7','Admin','1046291187',1046291187,'','','it\'s\'','test 1
> it\'s won\'t
>
> test 2
> <pre><code>it\'s
>
won\'t</code></pre>','html','64.91.71.140','','icon_file','2','0','0','
0')
>
> Wed Feb 26 15:26:55 2003 - Someone has tried to illegally access the
> PHPInfo page.  User id: , Username: , IP: 216.99.216.85
>
>
> At 03:17 PM 2/26/2003 -0500, you wrote:
> >I've added debug statements on my sites to code to test the setting for
> >magic_quotes_gpc is working but I wonder if on other sites this is
failing..
> >
> >In public/forum/include/gf_format.php - the function is gf_preparefordb()
> >
> >The code to test the setting is
> >    if ( get_magic_quotes_gpc()  )    {
> >
> >Add a debug output to test both cases of this if statement such as:
> >   COM_errorLOG("magic_quotes_gpc is on");
> >   and for the off state check
> >
> >If may be that on some sites it is not being properly detected
> >
> >Maybe I need to be using
> >    if (get_magic_quotes_gpc() = = 1 )  {
> >
> >
> >
> >Blaine
> >
> >_______________________________________________
> >geeklog-devel mailing list
> >geeklog-devel at lists.geeklog.net
> >http://lists.geeklog.net/listinfo/geeklog-devel
>
> Dwight
> dwight at trumbower.com
>
> _______________________________________________
> geeklog-devel mailing list
> geeklog-devel at lists.geeklog.net
> http://lists.geeklog.net/listinfo/geeklog-devel

More information about the geeklog-devel mailing list