php and tripple quotes

It turns out that using mysql_real_escape_string on import_request_variables you end up with tripple quotes. That’s the problem with hacks instead of fixes: They leave a slight taste of problems. And room for people to inject some stuff.

One Response to “php and tripple quotes”

  1. Julik Says:

    Well as long as you turn on the magic quotes you are asking for trouble, so better don’t :-)

Leave a Reply

You must be logged in to post a comment.