GET_MAGIC_QUOTES_GPC(3) 1 GET_MAGIC_QUOTES_GPC(3)get_magic_quotes_gpc - Gets the current configuration setting of magic_quotes_gpcSYNOPSIS
bool get_magic_quotes_gpc (void )
DESCRIPTION
Returns the current configuration setting of magic_quotes_gpc
Keep in mind that attempting to set magic_quotes_gpc at runtime will not work.
For more information about magic_quotes, see this security section.
RETURN VALUES
Returns 0 if magic_quotes_gpc is off, 1 otherwise. Or always returns FALSE as of PHP 5.4.0.
CHANGELOG
+--------+---------------------------------------------------+
|Version | |
| | |
| | Description |
| | |
+--------+---------------------------------------------------+
| 5.4.0 | |
| | |
| | Always returns FALSE because the magic quotes |
| | feature was removed from PHP. |
| | |
+--------+---------------------------------------------------+
EXAMPLES
Example #1
get_magic_quotes_gpc(3) example
<?php
// If magic quotes are enabled
echo $_POST['lastname']; // O'reilly
echo addslashes($_POST['lastname']); // O\'reilly
// Usage across all PHP versions
if (get_magic_quotes_gpc()) {
$lastname = stripslashes($_POST['lastname']);
}
else {
$lastname = $_POST['lastname'];
}
// If using MySQL
$lastname = mysql_real_escape_string($lastname);
echo $lastname; // O'reilly
$sql = "INSERT INTO lastnames (lastname) VALUES ('$lastname')";
?>
NOTES
Note
If the directive magic_quotes_sybase is ON it will completely override magic_quotes_gpc. So even when get_magic_quotes_gpc(3)
returns TRUE neither double quotes, backslashes or NUL's will be escaped. Only single quotes will be escaped. In this case they'll
look like: ''
SEE ALSO addslashes(3), stripslashes(3), get_magic_quotes_runtime(3), ini_get(3).
PHP Documentation Group GET_MAGIC_QUOTES_GPC(3)
Check Out this Related Man Page
MYSQL_QUERY(3) 1 MYSQL_QUERY(3)mysql_query - Send a MySQL querySYNOPSIS
Warning
This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQL extension should
be used. See also MySQL: choosing an API guide and related FAQ for more information. Alternatives to this function include:
omysqli_query(3)
o PDO::query
mixed mysql_query (string $query, [resource $link_identifier = NULL])
DESCRIPTION mysql_query(3) sends a unique query (multiple queries are not supported) to the currently active database on the server that's associated
with the specified $link_identifier.
o $query
- An SQL query The query string should not end with a semicolon. Data inside the query should be properly escaped.
o $
link_identifier -The MySQL connection. If the link identifier is not specified, the last link opened by mysql_connect(3) is
assumed. If no such link is found, it will try to create one as if mysql_connect(3) was called with no arguments. If no connection
is found or established, an E_WARNING level error is generated.
For SELECT, SHOW, DESCRIBE, EXPLAIN and other statements returning resultset, mysql_query(3) returns a resource on success, or FALSE on
error.
For other type of SQL statements, INSERT, UPDATE, DELETE, DROP, etc, mysql_query(3) returns TRUE on success or FALSE on error.
The returned result resource should be passed to mysql_fetch_array(3), and other functions for dealing with result tables, to access the
returned data.
Use mysql_num_rows(3) to find out how many rows were returned for a SELECT statement or mysql_affected_rows(3) to find out how many rows
were affected by a DELETE, INSERT, REPLACE, or UPDATE statement.
mysql_query(3) will also fail and return FALSE if the user does not have permission to access the table(s) referenced by the query.
Example #1
Invalid Query
The following query is syntactically invalid, so mysql_query(3) fails and returns FALSE.
<?php
$result = mysql_query('SELECT * WHERE 1=1');
if (!$result) {
die('Invalid query: ' . mysql_error());
}
?>
Example #2
Valid Query
The following query is valid, so mysql_query(3) returns a resource.
<?php
// This could be supplied by a user, for example
$firstname = 'fred';
$lastname = 'fox';
// Formulate Query
// This is the best way to perform an SQL query
// For more examples, see mysql_real_escape_string()
$query = sprintf("SELECT firstname, lastname, address, age FROM friends
WHERE firstname='%s' AND lastname='%s'",
mysql_real_escape_string($firstname),
mysql_real_escape_string($lastname));
// Perform Query
$result = mysql_query($query);
// Check result
// This shows the actual query sent to MySQL, and the error. Useful for debugging.
if (!$result) {
$message = 'Invalid query: ' . mysql_error() . "
";
$message .= 'Whole query: ' . $query;
die($message);
}
// Use result
// Attempting to print $result won't allow access to information in the resource
// One of the mysql result functions must be used
// See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc.
while ($row = mysql_fetch_assoc($result)) {
echo $row['firstname'];
echo $row['lastname'];
echo $row['address'];
echo $row['age'];
}
// Free the resources associated with the result set
// This is done automatically at the end of the script
mysql_free_result($result);
?>
mysql_connect(3), mysql_error(3), mysql_real_escape_string(3), mysql_result(3), mysql_fetch_assoc(3), mysql_unbuffered_query(3).
PHP Documentation Group MYSQL_QUERY(3)