[TriLUG] PHP strange code question

Joseph Tate dragonstrider at gmail.com
Mon Jan 10 10:55:04 EST 2005 

Yes, a restart of httpd is required when you update php.ini.  Make
sure that there's nothing in /usr/local/lib/php.d that would override
the php.ini values.  Like maybe your mssql.ini file?


On Mon, 10 Jan 2005 10:49:43 -0500, David McDowell
<turnpike420 at gmail.com> wrote:
> I have turned magic_quotes_gpc = Off and magic_quotes_sybase = On in
> my /usr/local/lib/php/php.ini file.  PHP claims my config path is
> /usr/local/lib and I don't have any other php.ini files.  Yet, when I
> run phpinfo(); in a web page, those values are not updated... gpc = On
> and sybase = Off still.  Why wouldn't they change?  Also, you'd think
> our application would "break" until we recode it to match this
> change... the app is still fine as well.  So it would appear php.ini
> is updated but isn't??  (yup, I even restarted httpd for the heck of
> it)
> 
> thanks,
> David
> 
> On Fri, 7 Jan 2005 17:31:36 -0500, Joseph Tate <dragonstrider at gmail.com> wrote:
> > On Fri, 7 Jan 2005 16:10:04 -0500, David McDowell <turnpike420 at gmail.com> wrote:
> > > This does not seem to work or meet our needs (escaping the apostrophe):
> > > $Event = addslashes($_POST['event']);
> > >
> > > I hope I have given enough information for parsing.  Anything you see
> > > you can throw my way would be much appreciated.
> > >
> >
> > There are usually two solutions to the problem you're describing.  The
> > first is to turn magic-quotes on in your php.ini file.  Then no
> > special quoting is necessary for DB inserts, but you may need them at
> > other points in time i.e. instead of adding quotes everywhere you
> > insert into the database, you'll need them when you are not inserting
> > into a database (i.e. writing to a file).
> >
> > If you make that change, make sure you test all your other PHP code
> > for breakage.  If magic_quotes_gpc is already on, you may need to
> > change the quoting type.  Look in the ini file for the word sybase.
> > That should help you figure out which type of quoting you need.
> >
> > The second option is to use the DB specific escape_string function
> > like mysql_escape_string.  Unfortunately I don't see one for mssql.
> > You are probably trying to use addslashes when magic_quotes are on,
> > which ends up escaping the escapes, so instead of \' going into the
> > SQL query, you'll have \\\'.
> >
> > --
> > Joseph Tate
> > Personal e-mail: jtate AT dragonstrider DOT com
> > Web: http://www.dragonstrider.com
> > --
> > TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> > TriLUG Organizational FAQ  : http://trilug.org/faq/
> > TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> > TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc
> >
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc
> 


-- 
Joseph Tate
Personal e-mail: jtate AT dragonstrider DOT com
Web: http://www.dragonstrider.com

More information about the TriLUG mailing list