I'm not really clear on when the magic_quotes are applied. php.nets documentation says that it basically addslashes() to any data gotten from a $_GET, $_POST, or cookie. I understand that to mean that if I insert a Post variable into mysql it will addslashes. for example:
but what I want to know is will the magic quotes be passed to other variables?
for example:
if I first set a regular variable equal to a post or get variable and then insert that into the mysql db, will the magic quotes still be applied to that variable? or should I addslashes() to variables that aren't $_POST or $_GET first?
thank you in advanced.
| Code: |
| "INSERT INTO table (notes) values ('".$_POST['notes']."')" |
but what I want to know is will the magic quotes be passed to other variables?
for example:
| Code: |
| $notes=$_POST['notes'];
"INSERT INTO table (notes) values ('$notes')"; |
if I first set a regular variable equal to a post or get variable and then insert that into the mysql db, will the magic quotes still be applied to that variable? or should I addslashes() to variables that aren't $_POST or $_GET first?
thank you in advanced.
