Quick Links

Re: 8.1.4: Who says "PHP deprecated addslashes since 4.0"?

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	ljb <ljb220(at)mindspring(dot)com>
Cc:	pgsql-general(at)postgresql(dot)org
Subject:	Re: 8.1.4: Who says "PHP deprecated addslashes since 4.0"?
Date:	2006-05-25 03:05:31
Message-ID:	7747.1148526331@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-general

ljb <ljb220(at)mindspring(dot)com> writes:
> | addslashes() or magic_quotes. We note that these tools have been deprecated
> | by the PHP group since version 4.0.

> Can anyone provide a source for the statement?

I'm not going to put words in Josh's mouth about where he got that from,
but anyone who reads all of the comments at
http://us3.php.net/manual/en/function.addslashes.php
ought to come away suitably unimpressed with the security of that
function.

regards, tom lane

In response to

8.1.4: Who says "PHP deprecated addslashes since 4.0"? at 2006-05-25 00:42:00 from ljb

Responses

Re: 8.1.4: Who says "PHP deprecated addslashes since 4.0"? at 2006-05-26 01:50:28 from ljb

Browse pgsql-general by date

	From	Date	Subject
Next Message	Chris Velevitch	2006-05-25 03:36:35	Re: How to estimate disk space
Previous Message	nuno	2006-05-25 02:11:33	Re: column order