[AppDB] Redisplay the input form and display the errors take 2

Chris Morgan chmorgan at gmail.com
Wed Jun 29 09:20:54 CDT 2005

Maybe its just on my machine where they are enabled and not locally
overridden.  Ahh, I just looked through the code path and
compile_insert_string() addslashes() each of the values it gets
passed.  We should probably refuse to function if magic quotes is
enabled, otherwise all of the database entries stored on a machine
with it on will have extra quotes.  I'm pretty sure app submission
works locally, the colors from the template don't disappear when
processing the submission.  Shouldn't they be messed up if we are both
magic quoting and addslashes() the values before inserting them into
the db?


On 6/29/05, Paul van Schayck <polleke at gmail.com> wrote:
> Hey,
> On 6/29/05, Tony Lambregts <tony.lambregts at gmail.com> wrote:
> > Chris and I talked on IRC and it turns out that magic_quotes_gpc are
> > turned "on" in php.ini on the production server and not on mine so we
> > needed a stripslashes() on the version description.
> They are supposed to be off! Check our .htaccess:
> http://cvs.winehq.org/cvsweb/~checkout~/appdb/.htaccess?rev=1.3&content-type=text/plain
> Our database query compile functions are also adding slashes and I
> don't see slashes appear in other recent database entries. In other
> words there we have no magic quotes added.
> So either the php overrule settings are recently changes or the
> slashes in appsubmit.php are comming from a different place.
> Paul

More information about the wine-devel mailing list