SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Member
    Join Date
    Sep 2011
    Posts
    5
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    register_long_arraysis deprecated in PHP 5.3 ?

    Hello everybody

    I have vBulletin4 and i have these two errors on my php error log file :

    1. PHP Code:
       PHP Deprecated:  Directive 'magic_quotes_gpc' is deprecated in PHP 5.3 and greater in Unknown on line 0 
    2. PHP Code:
      PHP Warning:  Directive 'register_long_arrays' is deprecated in PHP 5.3 and greater in Unknown on line 0[*] 


    I've googled about these errors, and i found the solution about the first one ('magic_quotes_gpc), they say to disable in the php.ini , but is this a security risk ?

    And for the second error, i've found nothing

    Regards

  2. #2
    Theoretical Physics Student bronze trophy Jake Arkinstall's Avatar
    Join Date
    May 2006
    Location
    Lancaster University, UK
    Posts
    7,062
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Truthfully one should develop without relying on Magic Quotes - it should be up to a developer to escape input when it needs to be escaped, not the other way around.

    There are loads of tutorials out there about how to grow out of magic_quotes. VBulletin grew out of magic quotes a long time ago, so as long as you check over your own code* on the same server, it should be fine to disable them.

    Register Long Arrays... that thing is there to essentially allow legacy code to work. Scripts which use $HTTP_POST_VARS instead of $_POST etc. There is no need for it unless you have ancient scripts or learnt from ancient tutorials.


    *Essentially magic quotes will put backslashes before quotes on all user input data. This was done so that a user could just throw data into a database query without needing to worry about SQL injections. It was later shown that there were ways for people to get around that if they really wanted to.

    If you escape your data before putting it blindly into a mysql_query function - or even better, use a library like PDO - you should be fine. Otherwise, you will need to check out the mysql_real_escape_string function and implement it on your own code before disabling magic quotes.

  3. #3
    I solve practical problems. bronze trophy
    Michael Morris's Avatar
    Join Date
    Jan 2008
    Location
    Knoxville TN
    Posts
    2,053
    Mentioned
    66 Post(s)
    Tagged
    0 Thread(s)
    Yes, they are deprecated in 5.3 and have been REMOVED in 5.4.

  4. #4
    SitePoint Member
    Join Date
    Sep 2011
    Posts
    5
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thank you guys !

    Finally i opted for the disabling of magic quotes on the php.ini and actually i don't have any errors :-)


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •