Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Simple question and i want simple answer.
I’m using PDO prepared statements to make sure my data are safely processed to the database.
But im confused. Do i have to disable magic quotes or use stripslashes on variables if magic_quotes are enabled. And after then letting the PDO do the security job ?
If you are using PDO’s prepared statements to insert data into your database, the data will go into the database exactly as you insert it.
magic_quotesadds slashes to the data: these will therefore be present in the database. This is obviously not what you want.As you say, disable magic quotes or, if necessary, use
stripslashes.