[geeklog-devel] code scrubbing: stripslashes
Joe Mucchiello
joe at ThrowingDice.com
Sat Aug 11 16:02:27 EDT 2007
At 03:30 PM 8/11/2007, Aaron Blankstein wrote:
>Well first of all there would be a problem for any array variables.
>You need to do a stripslashes_deep somewhat like the example at
><http://us.php.net/manual/en/security.magicquotes.disabling.php>http://us.php.net/manual/en/security.magicquotes.disabling.php
>(though the example itself won't strip slashes from array keys.)
>Also, anytime the function parse_str is used, it returns a
>magicquoted string. I don't know if its ever used in GL code, but it
>would have to be another consideration.
Dang, you are right. I forgot about arrays. It would need to use
array_walk_recursive in some manner.
----
Joe Mucchiello
Throwing Dice Games
http://www.throwingdice.com
More information about the geeklog-devel
mailing list