I have two choices to store my html string:
- turning off
magic_quotes_gpc
and store it directly using PDO. - turning on
magic_quotes_gpc
and let my html string be stored with slashes using PDO. then, convert those slashes by using the functionstripslashes();
I need to know the pros and cons of those two choices, and which one do you recommend? I am guessing that there is a security threat with the first choice. and load on the server with the second choice, but I need to know what the experts say.
See Question&Answers more detail:os