From 9aefce20aff0625b1637d501e4b503bbdf5bcd39 Mon Sep 17 00:00:00 2001
From: moodler <moodler>
Date: Thu, 8 Jan 2004 03:10:27 +0000
Subject: [PATCH] Add info about addslashes()

---
 lang/en/docs/coding.html | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lang/en/docs/coding.html b/lang/en/docs/coding.html
index faad02f9d8..3b44a53dca 100755
--- a/lang/en/docs/coding.html
+++ b/lang/en/docs/coding.html
@@ -38,6 +38,10 @@
     the &quot;lang/en&quot; files and call them using get_string() or print_string().</li>
   <li class="spaced">All help files should be translatable - create new texts 
     in the &quot;en/help&quot; directory and call them using helpbutton().</li>
+  <li class="spaced">Incoming data from the browser (sent via GET or POST) automatically
+    has magic_quotes applied (regardless of the PHP settings) so that you can safely
+    insert it straight into the database.  All other raw data (from files, or from databases)
+    must be escaped with <font color="#339900">addslashes()</font> before inserting it into the database.</li>
 </ol>
 <p>&nbsp;</p>
 <h2>Coding Style</h2>
-- 
2.39.5