[geeklog-devel] code scrubbing: stripslashes

Joe Mucchiello joe at ThrowingDice.com
Sat Aug 11 16:02:27 EDT 2007


At 03:30 PM 8/11/2007, Aaron Blankstein wrote:
>Well first of all there would be a problem for any array variables. 
>You need to do a stripslashes_deep somewhat like the example at 
><http://us.php.net/manual/en/security.magicquotes.disabling.php>http://us.php.net/manual/en/security.magicquotes.disabling.php 
>(though the example itself won't strip slashes from array keys.) 
>Also, anytime the function parse_str is used, it returns a 
>magicquoted string. I don't know if its ever used in GL code, but it 
>would have to be another consideration.

Dang, you are right. I forgot about arrays. It would need to use 
array_walk_recursive in some manner.

----
Joe Mucchiello
Throwing Dice Games
http://www.throwingdice.com 




More information about the geeklog-devel mailing list