View ProjeQtOr On SourceForge.net
ProjeQtOr - Project Management Tool
Support us on Capterra
OIN - Open Invention Network
ProjeQtOr free project management software - function str - ProjeQtOr
 
 

function str

More
30 Apr 2014 10:30 #1 by pepito
function str was created by pepito
hi

I have just seen your function called str

I think , it is a good idea to use the function mysqli::real_escape_string($str);


if (get_magic_quotes_gpc()) {
$str=mysqli::real_escape_string($str);
/* $str=str_replace('\"','"',$str);
$str=str_replace("\'","'",$str);
$str=str_replace('\\\\','\\',$str);*/
}


i modified and it seems that works properly

thanks

Please Log in or Create an account to join the conversation.

More
30 Apr 2014 11:51 #2 by babynus
Replied by babynus on topic function str
Yes, that works ...
... on MySql database, with mysqli plugin enabled.

But ProjeQtOr is also compatible with PosgreSql, so mysqli functions cannot be generalized.

Moreover, a security leak will be fixed in V4.3, that is not taken into account by mysqli::real_escape_string.
Babynus
Administrator of ProjeQtOr web site

Please Log in or Create an account to join the conversation.

Moderators: babynusprotion
Time to create page: 0.025 seconds

Cookies settings

×

Functional Cookies

Ce site utilise des cookies pour assurer son bon fonctionnement et ne peuvent pas être désactivés de nos systèmes. Nous ne les utilisons pas à des fins publicitaires. Si ces cookies sont bloqués, certaines parties du site ne pourront pas fonctionner.

Session

Please login to see yours activities!

Other cookies

Ce site web utilise un certain nombre de cookies pour gérer, par exemple, les sessions utilisateurs.

Login Form