|
So my site still relies on magic_quotes since most of my site is made up of user input forms but i know this setting will soon be gone in PHP6 and its no longer a best practice... what should I be using instead..
currently all my form fields are only filtered with htmlentities() then if it needs to reapplied to form fields stripslashes() is used...
at this point I should turn off magic_quotes as it also creates errors with my htaccess rewrites when names include ' or " etc...
should I just use addslashes() when inputted and stripslashes() or is there something better I should look at?
|
