"get_magic_quotes_gpc"
As I continue to ready site for php7, I'm wondering what the best replacement is for "get_magic_quotes_gpc"
As I continue to ready site for php7, I'm wondering what the best replacement is for "get_magic_quotes_gpc"
You shouldn't need that. It has been removed, so you shouldn't need to account for it. If you gave me an example in context then I could tell you more, but in general it just won't be necessary anymore. It will always be false, so wherever you used to have it, you could just hard code: false, if not delete it entirely.
$colname1_rsBIBinventory = (get_magic_quotes_gpc()) ? $_POST['BPeCart6_1_SizeID_Add'] : addslashes($_POST['BPeCart6_1_SizeID_Add']);
$colname2_rsBIBinventory = (get_magic_quotes_gpc()) ? $_POST['BPeCart6_1_ColorID_Add'] : addslashes($_POST['BPeCart6_1_ColorID_Add']);
$colname3_rsBIBinventory = (get_magic_quotes_gpc()) ? $_POST['BPeCart6_1_Option1ID_Add'] : addslashes($_POST['BPeCart6_1_Option1ID_Add']);
These are lines of code associated with MySQL recordsets.... The code will be rewritten and the references to get_magic_quotes_gpc will be removed once they are updated ty MySQLi for php7.
Here is the previously updated recordset. My understanding is that the get_magic_quotes_gpc and "addslashes" were for security reasons. They are no longer necessary with mysqli? Can the complete line "$colname1_rsBIBinventory = ( get_magic_quotes_gpc() ) ? $_POST[ 'BPeCart6_1_SizeID_Add' ] : addslashes( $_POST[ 'BPeCart6_1_SizeID_Add' ] );" safely be deleted after the recordset uses mysqli?
$colname1_rsBIBinventory = ( get_magic_quotes_gpc() ) ? $_POST[ 'BPeCart6_1_SizeID_Add' ] : addslashes( $_POST[ 'BPeCart6_1_SizeID_Add' ] );
becomes:
$colname1_rsBIBinventory = $_POST[ 'BPeCart6_1_SizeID_Add' ] ;
For reference:
$query_rsBIBinventory = sprintf( "SELECT * FROM product_inventory WHERE ProductID = 23 and SizeID = %s and ColorID = %s and Option1 = %s", GetSQLValueString( $colname1_rsBIBinventory, "int" ), GetSQLValueString( $colname2_rsBIBinventory, "int" ), GetSQLValueString( $colname3_rsBIBinventory, "int" ) ); //make the query string
$rsBIBinventory = $conn_dbi->query( $query_rsBIBinventory );
$row_rsBIBinventory = $rsBIBinventory->fetch_assoc();
It will be removed when the recordset is updated to MySQLi and it will not be necessary since that protection is built in with the use of parameterized SQL statements.
Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.
These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.