<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>关闭魔术引号</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="PHP 手册"
HREF="index.html"><LINK
REL="UP"
TITLE="魔术引号"
HREF="security.magicquotes.html"><LINK
REL="PREVIOUS"
TITLE="为什么不用魔术引号"
HREF="security.magicquotes.whynot.html"><LINK
REL="NEXT"
TITLE="隐藏 PHP"
HREF="security.hiding.html"><META
HTTP-EQUIV="Content-type"
CONTENT="text/html; charset=UTF-8"></HEAD
><BODY
CLASS="sect1"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>PHP 手册</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="security.magicquotes.whynot.html"
ACCESSKEY="P"
>上一页</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
>章 31. 魔术引号</TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="security.hiding.html"
ACCESSKEY="N"
>下一页</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="security.magicquotes.disabling"
>关闭魔术引号</A
></H1
><P
> <A
HREF="ref.info.html#ini.magic-quotes-gpc"
>magic_quotes_gpc</A
>
指令只能在系统级关闭,不能在运行时。也就是说不能用
<A
HREF="function.ini-set.html"
><B
CLASS="function"
>ini_set()</B
></A
>。
</P
><P
> <TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
CLASS="EXAMPLE"
><TR
><TD
><DIV
CLASS="example"
><A
NAME="AEN6873"
></A
><P
><B
>例 31-1. 在服务器端关闭魔术引号</B
></P
><P
> 下面是一个通过 <TT
CLASS="filename"
>php.ini</TT
> 文件把这些选项设为 <TT
CLASS="literal"
>Off</TT
>
的范例。更多信息请参见本手册的<A
HREF="configuration.changes.html"
>怎样修改配置设定</A
>。
</P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
CELLPADDING="5"
><TR
><TD
><PRE
CLASS="screen"
>; Magic quotes
;
; Magic quotes for incoming GET/POST/Cookie data.
magic_quotes_gpc = Off
; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
magic_quotes_runtime = Off
; Use Sybase-style magic quotes (escape ' with '' instead of \').
magic_quotes_sybase = Off</PRE
></TD
></TR
></TABLE
><P
> 如果不能修改服务器端的配置文件,使用
<TT
CLASS="filename"
>.htaccess</TT
> 也可以。范例如下:
</P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
CELLPADDING="5"
><TR
><TD
><PRE
CLASS="screen"
>php_flag magic_quotes_gpc Off</PRE
></TD
></TR
></TABLE
></DIV
></TD
></TR
></TABLE
>
</P
><P
> 为了能写出移植性较强的代码(可以运行于任何环境),例如不能修改服务器配置的情况,下面的例子可以在运行时关闭
<A
HREF="ref.info.html#ini.magic-quotes-gpc"
>magic_quotes_gpc</A
>。但是这样做比较低效,适当的修改配置才是更好的办法。
</P
><P
> <TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
CLASS="EXAMPLE"
><TR
><TD
><DIV
CLASS="example"
><A
NAME="AEN6886"
></A
><P
><B
>例 31-2. 在运行时关闭魔术引号</B
></P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
CELLPADDING="5"
><TR
><TD
><code><font color="#000000">
<font color="#0000BB"><?php<br /></font><font color="#007700">if (</font><font color="#0000BB">get_magic_quotes_gpc</font><font color="#007700">()) {<br /> function </font><font color="#0000BB">stripslashes_deep</font><font color="#007700">(</font><font color="#0000BB">$value</font><font color="#007700">)<br /> {<br /> </font><font color="#0000BB">$value </font><font color="#007700">= </font><font color="#0000BB">is_array</font><font color="#007700">(</font><font color="#0000BB">$value</font><font color="#007700">) ?<br /> </font><font color="#0000BB">array_map</font><font color="#007700">(</font><font color="#DD0000">'stripslashes_deep'</font><font color="#007700">, </font><font color="#0000BB">$value</font><font color="#007700">) :<br /> </font><font color="#0000BB">stripslashes</font><font color="#007700">(</font><font color="#0000BB">$value</font><font color="#007700">);<br /><br /> return </font><font color="#0000BB">$value</font><font color="#007700">;<br /> }<br /><br /> </font><font color="#0000BB">$_POST </font><font color="#007700">= </font><font color="#0000BB">array_map</font><font color="#007700">(</font><font color="#DD0000">'stripslashes_deep'</font><font color="#007700">, </font><font color="#0000BB">$_POST</font><font color="#007700">);<br /> </font><font color="#0000BB">$_GET </font><font color="#007700">= </font><font color="#0000BB">array_map</font><font color="#007700">(</font><font color="#DD0000">'stripslashes_deep'</font><font color="#007700">, </font><font color="#0000BB">$_GET</font><font color="#007700">);<br /> </font><font color="#0000BB">$_COOKIE </font><font color="#007700">= </font><font color="#0000BB">array_map</font><font color="#007700">(</font><font color="#DD0000">'stripslashes_deep'</font><font color="#007700">, </font><font color="#0000BB">$_COOKIE</font><font color="#007700">);<br /> </font><font color="#0000BB">$_REQUEST </font><font color="#007700">= </font><font color="#0000BB">array_map</font><font color="#007700">(</font><font color="#DD0000">'stripslashes_deep'</font><font color="#007700">, </font><font color="#0000BB">$_REQUEST</font><font color="#007700">);<br />}<br /></font><font color="#0000BB">?></font>
</font>
</code></TD
></TR
></TABLE
></DIV
></TD
></TR
></TABLE
>
</P
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="security.magicquotes.whynot.html"
ACCESSKEY="P"
>上一页</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>起始页</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="security.hiding.html"
ACCESSKEY="N"
>下一页</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>为什么不用魔术引号</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="security.magicquotes.html"
ACCESSKEY="U"
>上一级</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>隐藏 PHP</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
