December 21st, 2003, 04:39 AM
phpBB 2.06 search.php SQL injection it seems not succuess
Hello everybody,set the magic_quotes_gpc = ON in php.ini ,SQL injection it seems not succuess.
what do you think.?
December 21st, 2003, 07:20 AM
I have to say that I have no clue what the thing you put does, but I find the fix provided by phpbb is quite quick and painless. I would go with theirs because they know what they are doing, and what you put might have side effects.
December 21st, 2003, 12:44 PM
magic_quotes is evil, as I've mentioned before
NEVER EVER turn magic_quotes on - it may prevent security problems in some cases, but it causes A LOT of data corruption in others by putting loads of escaping in unnecessary places.
Read my previous thread on it