magic quotes

> Hello,
>
> Mapbender is not very decisive whether to use stripslashes on request
> parameters or not. We seem to indecisive if we assume magic_quotes_gpc
> to be on or  off (it is on by default).
>
> I suggest we add something like this to globalSettings.php
>
> if (get_magic_quotes_gpc() === 1) {
>     array_walk($_POST, 'stripslashes');
>     array_walk($_GET, 'stripslashes');
> }
>
> By this, all input would be properly prepared, and no stripslashing
> would have to occur.
>
> What do you think?
>
> Christoph

> On Thu, February 26, 2009 11:51 am, Christoph Baudson wrote:
>  
>> Hello,
>>
>> Mapbender is not very decisive whether to use stripslashes on request
>> parameters or not. We seem to indecisive if we assume magic_quotes_gpc
>> to be on or  off (it is on by default).
>>
>> I suggest we add something like this to globalSettings.php
>>
>> if (get_magic_quotes_gpc() === 1) {
>>     array_walk($_POST, 'stripslashes');
>>     array_walk($_GET, 'stripslashes');
>> }
>>
>> By this, all input would be properly prepared, and no stripslashing
>> would have to occur.
>>
>> What do you think?
>>
>> Christoph
>>    
>
> Hello Christoph,
>
>  this idea sounds reasonable to me.
>
> astrid
>  

> Astrid Emde (WhereGroup) schrieb:
>
>> On Thu, February 26, 2009 11:51 am, Christoph Baudson wrote:
>>
>>
>>> Hello,
>>>
>>>
>>> Mapbender is not very decisive whether to use stripslashes on request
>>>  parameters or not. We seem to indecisive if we assume
>>> magic_quotes_gpc to be on or  off (it is on by default).
>>>
>>> I suggest we add something like this to globalSettings.php
>>>
>>>
>>> if (get_magic_quotes_gpc() === 1) { array_walk($_POST,
>>> 'stripslashes');
>>> array_walk($_GET, 'stripslashes'); }
>>>
>>>
>>> By this, all input would be properly prepared, and no stripslashing
>>> would have to occur.
>>>
>>> What do you think?
>>>
>>>
>>> Christoph
>>>
>>>
>>
>> Hello Christoph,
>>
>>
>> this idea sounds reasonable to me.
>>
>> astrid
>>
>
> (I have just stumbled over this issue again, which resulted in another
> wasted hour. I should have made a motion the first time around.)
>
> I motion to add the code snippet
>
>
> if (get_magic_quotes_gpc() === 1) { array_walk($_POST, 'stripslashes');
> array_walk($_GET, 'stripslashes'); }
>
>
>
> to globalSettings.php, so it will automatically be executed in every
> module. I volunteer to search for every occurence of stripslashes in
> Mapbender, and remove it where appropriate.
>
>
> (Maybe this is something that can be done in Bolsena.)
>
>
> Please second and vote.

> Christoph
>
>
>> _______________________________________________
>> Mapbender_dev mailing list
>> [hidden email]
>> http://lists.osgeo.org/mailman/listinfo/mapbender_dev
>>
>>
>
>
> --
>
>
>
> _______________________________________
>
>
> W h e r e G r o u p GmbH & Co. KG
>
>
> Siemensstraße 8
> 53121 Bonn
> Germany
>
>
> Christoph Baudson
> Anwendungsentwickler
>
>
> Fon: +49 (0)228 / 90 90 38 - 15
> Fax: +49 (0)228 / 90 90 38 - 11
> [hidden email] www.wheregroup.com Amtsgericht Bonn, HRA
> 6788
> _______________________________________
>
>
> Komplementärin:
> WhereGroup Verwaltungs GmbH
> vertreten durch: Olaf Knopp, Peter Stamm
> _______________________________________
>
>
> _______________________________________________
> Mapbender_dev mailing list
> [hidden email]
> http://lists.osgeo.org/mailman/listinfo/mapbender_dev
>
>

> On Mon, June 15, 2009 10:53, Christoph Baudson wrote:
>  
>> Astrid Emde (WhereGroup) schrieb:
>>
>>    
>>> On Thu, February 26, 2009 11:51 am, Christoph Baudson wrote:
>>>
>>>
>>>      
>>>> Hello,
>>>>
>>>>
>>>> Mapbender is not very decisive whether to use stripslashes on request
>>>>  parameters or not. We seem to indecisive if we assume
>>>> magic_quotes_gpc to be on or  off (it is on by default).
>>>>
>>>> I suggest we add something like this to globalSettings.php
>>>>
>>>>
>>>> if (get_magic_quotes_gpc() === 1) { array_walk($_POST,
>>>> 'stripslashes');
>>>> array_walk($_GET, 'stripslashes'); }
>>>>
>>>>
>>>> By this, all input would be properly prepared, and no stripslashing
>>>> would have to occur.
>>>>
>>>> What do you think?
>>>>
>>>>
>>>> Christoph
>>>>
>>>>
>>>>        
>>> Hello Christoph,
>>>
>>>
>>> this idea sounds reasonable to me.
>>>
>>> astrid
>>>
>>>      
>> (I have just stumbled over this issue again, which resulted in another
>> wasted hour. I should have made a motion the first time around.)
>>
>> I motion to add the code snippet
>>
>>
>> if (get_magic_quotes_gpc() === 1) { array_walk($_POST, 'stripslashes');
>> array_walk($_GET, 'stripslashes'); }
>>
>>
>>
>> to globalSettings.php, so it will automatically be executed in every
>> module. I volunteer to search for every occurence of stripslashes in
>> Mapbender, and remove it where appropriate.
>>
>>
>> (Maybe this is something that can be done in Bolsena.)
>>
>>
>> Please second and vote.
>>    
>
> Seconded by Arnulf
>
> Vote: +1
>
>  

> Best regards,
> Arnulf
>
>  
>> Christoph
>>
>>
>>    
>>> _______________________________________________
>>> Mapbender_dev mailing list
>>> [hidden email]
>>> http://lists.osgeo.org/mailman/listinfo/mapbender_dev
>>>
>>>
>>>      
>> --
>>
>>
>>
>> _______________________________________
>>
>>
>> W h e r e G r o u p GmbH & Co. KG
>>
>>
>> Siemensstraße 8
>> 53121 Bonn
>> Germany
>>
>>
>> Christoph Baudson
>> Anwendungsentwickler
>>
>>
>> Fon: +49 (0)228 / 90 90 38 - 15
>> Fax: +49 (0)228 / 90 90 38 - 11
>> [hidden email] www.wheregroup.com Amtsgericht Bonn, HRA
>> 6788
>> _______________________________________
>>
>>
>> Komplementärin:
>> WhereGroup Verwaltungs GmbH
>> vertreten durch: Olaf Knopp, Peter Stamm
>> _______________________________________
>>
>>
>> _______________________________________________
>> Mapbender_dev mailing list
>> [hidden email]
>> http://lists.osgeo.org/mailman/listinfo/mapbender_dev
>>
>>
>>    
>
>
>