problems with a login/register script

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

cwheel3915
Forum Commoner
Posts: 28
Joined: Wed Apr 28, 2010 8:02 pm

Re: problems with a login/register script

Post by cwheel3915 »

I forgot to put in the database name. It now works!!! YAY

Im going to attempt to use the principals from this to rewrite the login code.


Code: Select all

  # If Magic Quotes are enabled, stripslashes()
   if(get_magic_quotes_gpc()) {
      $input = array(&$_GET, &$_POST, &$_COOKIE, &$_ENV, &$_SERVER);
      
      while(list($k, $v) = each($input)) {
        foreach($v as $key => $val) {
          if(!is_array($val)) {
            $input[$k][$key] = stripslashes($val);
            continue;
          }
          $input[] =& $input[$k][$key];
        }
      }
      unset($input);
    }
What is magic quotes? Also this just strips lashes correct?
User avatar
flying_circus
Forum Regular
Posts: 732
Joined: Wed Mar 05, 2008 10:23 pm
Location: Sunriver, OR

Re: problems with a login/register script

Post by flying_circus »

Magic Quotes came about to auto escape certain characters that have meaning to the PHP language. For example, single and double quotes, backslash, and null.

If we asked a user to enter their name on a form, they would enter "Tim O'Reily". Magic Quotes would auto-escape this to "Tim O\`Reily" and then, by them time you add slashes prior to inserting into a query, it may be "Tim O\\`Reily" negating the escaping and leaving the possibility for injection.

Magic Quotes have been deprecated in PHP 5.3.0, so to keep your code backwards compatible, check if the magic_quotes_gpc directive is set to true, and if it is, strip slashes.
cwheel3915
Forum Commoner
Posts: 28
Joined: Wed Apr 28, 2010 8:02 pm

Re: problems with a login/register script

Post by cwheel3915 »

Thank you a whole lot, you have been very helpful.
Post Reply