On Thu, 9 Feb 2006 14:48:17 +0100, Thomas -Balu- Walter <[EMAIL PROTECTED]> wrote: > On Thu, Feb 09, 2006 at 10:26:53AM -0300, Lic. Martin Marques wrote: >> On Thu, 9 Feb 2006, Thomas -Balu- Walter wrote: >> >If you tell people to switch that off, they might get problems with >> >other scripts. >> >> They can always have diferent settings for diferent directory > definitions >> in the web server. >> >> As I said before, magic_quotes is a very bad thing, and security must >> come from the programmer, not an automatic quoter. > > I absolutely agree with you here. But the programmer should also make > his software user/admin friendly and I don\'t think the 5 lines > workaround needed to fix this problem are too much hassle for the > coder... > > You will have more problems telling website-\"admins\" (which usually > don\'t know a bit of webserver administration) to change a PHP setting - > just for this subdirectory - been there, done that ;).
In drupal the distributed .htaccess has the following: # Override PHP settings. More exist in sites/default/settings.php, but # the following cannot be changed at runtime. <IfModule sapi_apache2.c> php_value magic_quotes_gpc 0 php_value register_globals 0 php_value session.auto_start 0 </IfModule> Wound something like that work here? I\'d rather have RC decide how RC is going to work than have people go out and tweak their php.ini. P -- http://fak3r.com - you don\\\'t have to kick it
