Items tagged security in Aug, 2010
Filters: Year: 2010 × Month: Aug × security × Sorted by date
2 results
In what circumstances should one use “magic quotes” in PHP?
Absolutely never. Magic quotes was a badly designed feature, and PHP has been trying to escape its legacy for years. If you are constructing SQL strings using string concatenation you’re asking for trouble—use prepared statements or a library that interpolates and correctly escapes variables for you.
[... 65 words]