Zend Framework and magic quotes

Zend <a href= Framework & Magic Quotes">it is worth noting that with the release of php 6 this article is not relevant, and yet...

Anyone who has experience with php, probably knows or has heard about the Directive "magic_quotes_gpc"(magic quotes). If flag Directive is set to "On", the automatic escaping of data passed in the $_GET, $_POST, $_COOKIE(and hints abbreviation gpc at the end of directives).

When designing a website on Zend Framework e one of the requirements is off "magic_quotes_gpc". The thing is that Zend Framework itself screens the data and when the Directive "magic_quotes_gpc" is double-escaped, which is not good and beautiful. Problem would not be so acute if all hosts were given the right to change the value of "magic_quotes_gpc". I have repeatedly encountered this problem and found in my opinion a quite elegant solution.



In that case, when the server Directive "magic_quotes_gpc" is strictly set to "On", we will connect the small plug to avoid double-escaping:

/**
* the Plugin removes the shielding.
*
* Used in cases when the server is prohibited to turn off magic_quotes_gpc.
*
* @category Zend_Controller_Plugin
*/
class Singular_Controller_Plugin_Stripmagicquotes extends Zend_Controller_Plugin_Abstract
{
/**
* Called before Zend_Controller_Front enters a dispatch loop.
*
* @param Zend_Controller_Request_Abstract $request
* @return void
*/
public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
{
/** included Check if the magic_quotes_gpc Directive */
if (get_magic_quotes_gpc()) {
/** Fetch the parameters */
$params = $request->getParams();
/** Recursively use the method of "exStripSlashes" to each element of the array */
array_walk_recursive($params, array($this 'exStripSlashes'));
/** Set the processed options */
$request- > setParams($params);
}
}

/**
* Removes the escaping characters.
*
* @param mixed $value
* @param mixed $key
* @return void
*/
private function exStripSlashes(&$value, $key)
{
/** Remove the escaping characters */
$value = stripslashes($value);
}
}

* This source code was highlighted with Source Code Highlighter.


Don't forget to rename the class name according to Convention framework and register a plugin:
/** Get the instance of the front controller */
$front = Zend_Controller_Front::getInstance();
/** Register the plugin */
$front- > registerPlugin(new Singular_Controller_Plugin_Stripmagicquotes());

* This source code was highlighted with Source Code Highlighter.


Thank you for your attention, have a good day.
Article based on information from habrahabr.ru

Комментарии

Отправить комментарий

Популярные сообщения из этого блога

Python-digest #8. News, interesting projects, articles and interviews [20 Dec 2013 — 27 Dec 2013]

Изображение
in a Hurry to congratulate all with coming new year. The gift I really is quite small — all the same latest news about Python and surrounding technologies. But there are interesting things about searching, Android applications, graphical interface for databases, OAuth, TDD, CMS and other letter combinations. The results of the vote previous digest with a lead of as many as six votes I not allowed to do the release on 3 January, we expect the extended version of January 10, Thank you owlman for illustration to the issue. By the way, he also writing about Python but unfortunately, not very often. Dreams patch the day to 30 hours instead of 24. the Articles and interviews the the time series Analysis with python An attempt to describe the process of analyzing time series using the statsmodels module. TDD with Django 1.6 An example implementation of the approach code development based on writing tests and subsequent writing code that passes those tests....
Далее...

google life search

Изображение
Yesterday Google announced the Live search So, what is it and how to use it? Did it make your search more relevant and convenient for users? How to get it, where to enter a query to see live results? The algorithm is still driven around and while fully works only for English queries. You enter the query and see the results of the search in the middle of the page in the section Latest result for “your request”. Can try enter your query here . For example, a request Obama. About the middle of the page is visible to block the Latest results that are updated in real-time. New results on request Obama constantly updated and added to the search results. If this text is annoying, you can pause by clicking "Pause", but completely remove the "live search" from the results it is impossible. Adam Smith, a Google employee, guiding the development of new search system in real time, says that not all queries can be seen regularly updated information: ...
Далее...

Transport Tycoon Deluxe / Emscripten part 2

Изображение
Transport Tycoon (Transport tycoon) is pretty old, but still enjoyable, especially the maniacs, the game is in the genre of RTS. /.../ There is also OpenTTD, outdoor product manyatta iPhoto, resulting from the game can not be distracted even in the toilet and underground, setting her on the Communicator or PDA. lurkmore I can honestly say: I killed a huge amount of time playing Transport Tycoon Deluxe. I'm just a fan of this game. So when on Habre the article appeared about how the guys from mozilla have ported Doom, I hit on the idea – to migrate one of my favorite games here on the Internet. By the way, the article was scarce, but I learned the main thing – the porting can be done using emscripten . Since the inception of the thought of the possibility of such a project was not less than a year (my first attempt crashed on the rocks of misunderstanding). And now I'm in a hurry to please you all: I did it! Now to sit ass playing TTD you can be located anywhere con...
Далее...