Not only that, but for new people, magic_quote_gpc = On
For those not familiar with php, this will escape single quotes in GET/POST/COOKIE data. Helps protect the unfamiliar from things like SQL injection attacks. Once you know what you are doing they can be a bit of a pain in the ass, but for new people, it can help make your code a bit safer.
I disagree. Your suggestion is the way the US education system tends to work - teach kids the easy way first, then teach them the right way later (and explain why the easy way is wrong).
The magic quotes feature escapes data for use in a query. There are lots of things you can be doing with data, and storing it is just one.
Also, the escaping that magic quotes does is equivalent to the addslashes function. This is a good last resort, but better options exist for many databases - for example, mysql_escape_string for MySQL.
register_globals = off (Score:5, Informative)
Re:register_globals = off (Score:2, Informative)
magic_quote_gpc = On
For those not familiar with php, this will escape single quotes in GET/POST/COOKIE data. Helps protect the unfamiliar from things like SQL injection attacks. Once you know what you are doing they can be a bit of a pain in the ass, but for new people, it can help make your code a bit safer.
Just Say No (Score:2)
I disagree. Your suggestion is the way the US education system tends to work - teach kids the easy way first, then teach them the right way later (and explain why the easy way is wrong).
The magic quotes feature escapes data for use in a query. There are lots of things you can be doing with data, and storing it is just one.
Also, the escaping that magic quotes does is equivalent to the addslashes function. This is a good last resort, but better options exist for many databases - for example, mysql_escape_string for MySQL.