magic-quotes strikes again

There is a very annoying feature in PHP that is apparently enabled by default in Ubuntu called magic-quotes.  It automatically escapes quotes in data destined for mysql, GET/POST requests, etc.  The basic idea is to cover your rear in case you forget to escape some stuff.  The only thing is, if you escape as you should, it DOUBLE escapes (in effect, negating the escapedness).

Last night I updated my dad’s WSManage code to HEAD, and it failed miserably.  I was getting weird errors anywhere json was used.  It took me forever to figure out the culprit…magic-quotes.  I’d disabled it on my dev machine at home and forgot.

There is an encouraging bit of text on the php website, however:

This feature has been DEPRECATED as of PHP 5.3.0 and REMOVED as of PHP 6.0.0. Relying on this feature is highly discouraged.

Finally!  It will die!  😉

Of course, it still didn’t work right even after I turned that off…I forgot to update his database schema, too.  So I’m not a lazy programmer, but a forgetful one.  Just remember the difference is in the intention.  😛

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: