问题描述
我有一个问题,带有mysql查询的旧程序无法在禁用了magick_quotes_gpc的新php 5.3中使用,当查询变量具有单引号时,例如:
I have a problem, an old program with mysql querys doesn't works in new php 5.3 with magick_quotes_gpc disabled, when a variable of query have single quote, ex:
$text=$_GET['text'] --> "This is a text doesn'**strong text**t works"
mysql_query("UPDATE table SET '{$text}'");
仅在我之前做过此事时有效:
Only works if I make previously this:
$text=mysql_real_escape_string($_GET['text']);
但是我无法修改程序,并且程序很大,并且有很多查询,我该怎么办?
But I can't modify the program, and the program is to big and have a lot of querys, which I can i do?
推荐答案
如果无法修改程序,则应启用 magic_quotes_gpc
-该功能本身在php 5.3中仍然可用-仅已弃用.
If you can't modify the program, then you should enable magic_quotes_gpc
- the feature itself is still available in php 5.3 - only deprecated.
但是,升级到php 5.4并运行该应用程序将是一个安全问题.因此,在收到有关弃用的警告之后,请考虑以后如何保留有问题的应用程序的维护.
Upgrading to php 5.4 and running the application however would be a security issue. So after you've now been warned about deprecation, consider how you want to keep the maintenance for the application in question in the future.
这篇关于PHP 5.3 Magick报价gpc的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!