Home > Backend Development > PHP Tutorial > PHP disables page cache output_PHP tutorial

PHP disables page cache output_PHP tutorial

WBOY
Release: 2016-07-13 17:37:22
Original
865 people have browsed it

Magic quotes are a common question for PHPer. I accidentally saw an article today, combined with the PHP Manual and its replies, I will make a simple summary here.

In short, Magic quotes will automatically escape the entered data when turned on. Among them, all single quotes (), double quotes ("), backslashes, and NULL characters will be escaped (a backslash is added). In fact, this operation essentially calls the addslashes function.

Why use Magic quotes
Convenient and fast
The designers of PHP at the beginning of the design envisioned fast and convenient programming. For example, when inserting into a database, Magic quotes will automatically escape the data, which is very convenient.

Good for beginners
Magic quotes can, to a certain extent, remove beginners from the security risks of scripts. For example, in code without any protection measures, after turning on Magic quotes, there will be much fewer risks, such as injection problems. Of course, using this method alone cannot completely prevent such security issues.

“I don’t have permission to close it”
Obviously you may be aware of this problem, but the host space is not completely under your control.

Why not use Magic quotes
Portability
Whether this feature is turned on or not, it will affect the portability of the script because it affects our subsequent operations of filtering the data.

Performance issues
All external data will be escaped before being obtained, which will undoubtedly increase runtime costs (and not all data needs to be escaped).

Causing confusion
As mentioned above, not all data needs to be escaped. One situation that may arise is when you use the stripslashes function "crazy" to get unescaped data.

PHP6 is no longer supported
The designers of PHP have obviously realized their "mistake", so they have deprecated it in PHP6.

How to disable Magic quotes
In my opinion, it is most reliable to use the php.ini configuration file to globally disable Magic quotes. Refer to the code below

; Magic quotes;; Magic quotes for incoming GET/POST/Cookie data.magic_quotes_gpc = Off; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.magic_quotes_runtime = Off; Use Sybase- style magic quotes (escape with instead of ).magic_quotes_sybase = Off However, the online host may not allow you to modify the php.ini file, so you can use the .htaccess file to disable it and add the following code

php_flag magic_quotes_gpc Off For the above portable code, the data must remain consistent whether magic_quotes is disabled or not. Then the code below can help you

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/486594.htmlTechArticleFor Magic quotes, it is a common question for PHPer. I accidentally saw an article today, combined with the PHP Manual and its replies, I will make a simple summary here. In short...
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template