[MOTION] Re: [Mapbender-dev] magic quotes

Christoph Baudson christoph.baudson at wheregroup.com
Mon Jun 15 04:53:50 EDT 2009


Astrid Emde (WhereGroup) schrieb:
> On Thu, February 26, 2009 11:51 am, Christoph Baudson wrote:
>   
>> Hello,
>>
>> Mapbender is not very decisive whether to use stripslashes on request
>> parameters or not. We seem to indecisive if we assume magic_quotes_gpc
>> to be on or  off (it is on by default).
>>
>> I suggest we add something like this to globalSettings.php
>>
>> if (get_magic_quotes_gpc() === 1) {
>>     array_walk($_POST, 'stripslashes');
>>     array_walk($_GET, 'stripslashes');
>> }
>>
>> By this, all input would be properly prepared, and no stripslashing
>> would have to occur.
>>
>> What do you think?
>>
>> Christoph
>>     
>
> Hello Christoph,
>
>  this idea sounds reasonable to me.
>
> astrid
>   

(I have just stumbled over this issue again, which resulted in another 
wasted hour. I should have made a motion the first time around.)

I motion to add the code snippet

if (get_magic_quotes_gpc() === 1) {
    array_walk($_POST, 'stripslashes');
    array_walk($_GET, 'stripslashes');
}


to globalSettings.php, so it will automatically be executed in every 
module. I volunteer to search for every occurence of stripslashes in 
Mapbender, and remove it where appropriate.

(Maybe this is something that can be done in Bolsena.)

Please second and vote.

Christoph

> _______________________________________________
> Mapbender_dev mailing list
> Mapbender_dev at lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/mapbender_dev
>   


-- 


_______________________________________

W h e r e G r o u p GmbH & Co. KG

Siemensstraße 8
53121 Bonn
Germany

Christoph Baudson
Anwendungsentwickler

Fon: +49 (0)228 / 90 90 38 - 15
Fax: +49 (0)228 / 90 90 38 - 11
christoph.baudson at wheregroup.com
www.wheregroup.com
Amtsgericht Bonn, HRA 6788
_______________________________________

Komplementärin:
WhereGroup Verwaltungs GmbH
vertreten durch:
Olaf Knopp, Peter Stamm
_______________________________________



More information about the Mapbender_dev mailing list