[dev-announce] New post at PowerBlogs.Com Development
dev-announce at lists.powerblogs.com
dev-announce at lists.powerblogs.com
Tue May 11 04:26:17 EDT 2004
Hello,
There is a new post on PowerBlogs.Com Development. You can read it at:
http://dev.powerblogs.com/posts/1084263975.shtml
It begins:
There was a nasty PHP bug in the signup code which
added \ characters if the blog's title contained
any sort of quotes. I eventually tracked this down
to a "feature" controlled through the
magic_quote_gpc variable in the main PHP
configuration file. I suppose that this might do
someone good, but turning it off did the trick.
(The correct way to make your CGI secure is through
using regular expressions to verify input, not by
having your language automatically mangle every
string that it sees.)...
More information about the dev-announce
mailing list