[WEB SECURITY] magic_quotes

Pablo Fernández newsclient at teamq.info
Tue Jun 21 17:05:54 EDT 2005

Hi everybody

I been coding for the last couple of days with PHP+MySQL and I've been
relaying A LOT in magic_quotes. I am wondering if it's (at least for the
moment) a safe thing to do. For example, consider the following code

$GDATA = (object) $_GET;
$PDATA = (object) $_POST;

else        $DATA = $PDATA;

$q = mysql_query ("SELECT * FROM whatever WHERE id = '$DATA->id'");

How safe is this?

I would appreciate hints & thoughts (TM)

Pablo Fernandez

The Web Security Mailing List

The Web Security Mailing List Archives

More information about the websecurity mailing list