Home page logo

bugtraq logo Bugtraq mailing list archives

Re: TWIG SQL query bugs
From: kj <kj () indifference org>
Date: Thu, 31 May 2001 09:48:37 -0700

PHP used to have an option to automatically use addslashes() on any variable
passed to it via POST or GET.  Please see your PHP.INI file and set the
appropriate setting for "magic_quotes_gpc"

Isn't the "magic_quotes_gpc" only for GET/POST/COOKIES. For SQL
statements to dbs I think you need to initialize magic_quotes_runtime
for the addslashes() default.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]