Questions tagged [magic-quotes-gpc]

`magic_quotes_gpc` is a PHP configuration setting enabling "magic quotes" (automatic escaping) for GET/POST/COOKIE variables.

When magic_quotes_gpc is enabled in PHP's configuration, PHP uses a method identical to addslashes() to automatically insert backslashes before certain problematic characters (\, ', ", and \0) in GET/POST/COOKIE values before they are passed to the script. The intent was to reduce the chance of their causing an error when interpolated directly into HTML or SQL, enabling PHP developers to write safer code without changing their habits.

Among their numerous drawbacks, though, is that if a script does properly escape data, assuming that magic quotes will be off, it will often break when this option is enabled; the resulting data will often have visible backslashes in it. In order to work both ways, a script needs to remove the added backslashes (using stripslashes()) if, and only if, magic quotes are enabled. Most problems these days have to do either with double-escaping caused by magic quotes, or with disabling the option on servers/hosts that have this misfeature enabled and do not allow configuration changes.

Magic quotes have been deprecated as of PHP 5.3, and removed entirely as of 5.4. Even in versions that still support them, their use is not recommended. The suggested course of action is instead to escape the data as needed, using a method appropriate for the data's intended destination.

PHP: Incorrect JSON decoding and stripslashes \t \n

I think in server that I'm working, magic_quotes are active and when receive a json from jquery.ajax I do this: alcancesP = stripslashes($_POST['alcances']); After I decode alcancesP: $dataAlcances = json_decode(alcancesP,true); But when I pass…

asked Feb 06 '13 at 17:39

SoldierCorp

7,610
16
60
100

votes

1 answer

magic-quotes is ON && usage of stripslashes AND mysql-real-escape-string TOGETHER

Possible Duplicate: How to prevent SQL injection in PHP? i am on a free php server, I don't have access to php.ini file and magic_quotes is ON. so while I add records into mysql via my form page, my php code is…

php mysql mysql-real-escape-string stripslashes magic-quotes-gpc

asked Feb 02 '13 at 21:15

Andre Chenier

1,166
2
18
37

votes

3 answers

PHP ignoring config file

I'm trying to turn off magic_quotes_gpc in PHP. I'm running PHP with Apache and Ubuntu. I have in my config file (/etc/php5/apache2/php.ini): magic_quotes_gpc Off Where I create a page with phpinfo() it shows magic_quotes_gpc as on. I've also…

php ubuntu magic-quotes-gpc

asked Feb 01 '13 at 04:58

Richard

1,259
1
12
17

votes

1 answer

Remote host adding a \ before every " in textarea when PHP posted and saved to SQLite database

The problem does not happen using the home WAMP server. I have tried two remote hosts with the same results. The textareas' hold some code that can be edited and later used on the website. Eg: Correct data in textarea:

votes

0 answers

magic_quotes_gpc is on

I have a site with I developed with Zend. I turned off magic_quotes_gpc in the application.ini file like this: phpSettings.magic_quotes_gpc = 0 phpSettings.magic_quotes_runtime = 0 phpSettings.magic_quotes_sybase = 0 But I can see when user want to…

php zend-framework magic-quotes-gpc

asked Jan 01 '13 at 08:00

afsane

1,889
6
25
40

votes

2 answers

Will magic_quotes_gpc save me from this?

There is a (ugly)project I was asked to help with by doing a specific task. The thing is, I don't have any control over the other files in the site much less over the server configuration. Some data I'm going to use comes from a query like…

php escaping magic-quotes-gpc

asked Nov 15 '12 at 11:32

olanod

30,306
7
46
75

votes

3 answers

Jquery Ajax escapes strings despite magic_quotes_gpc = off

Data I post via jQuery Ajax are being escaped even when magic_quotes_gpc = off on the server. Getting data directly from $_POST (not using ajax) works fine, unescaped. but sending them through ajax escapes them. $.ajax({ url:…

jquery ajax escaping magic-quotes-gpc

asked Aug 31 '12 at 11:56

dwelle

6,894
2
46
70

votes

3 answers

Why does my quoted text appear \"like this\"?

Possible Duplicate: “slash before every quote” problem I am passing messages between different parts of my php application using code that looks like this: $msg='"'.$_REQUEST['site'].'" modified.'; header('Location:…

php magic-quotes-gpc

asked Aug 24 '12 at 07:44

JDycus

votes

1 answer

php deprecation magic_quotes error won't go away

I know there is another topic on this from a while back, but there was never really a solid answer in there. I'm running Debian 6, Apache 2.2 and PHP 5.3.3. When I look at my phpinfo() output on the server, it shows magic_gpc_quotes as set to off. …

php apache2 debian magic-quotes-gpc

asked Apr 15 '12 at 12:35

Lyynk424

-1

votes

1 answer

Need to escape the json

i have situation i am getting this array from post Array([0] => {"question":"test " jakce"} ) i need to escape the string : Array([0] => {"question":"test \" jakce"} ) i already try addslash php method it just add slash to everywhere i just…

javascript php json wordpress magic-quotes-gpc

asked Feb 13 '15 at 12:33

Harman

-1

votes

1 answer

Error with Wordpress on Appserver

Appserver vrs:2.60, and PHP 6, and now i installion Wordpress in my computer, but when i conccept address: localhost/wordpress/wp-admin/setup-config.php so it error: Fatal error: Call to undefined function get_magic_quotes_gpc() in…

php appserver magic-quotes-gpc

asked Dec 12 '14 at 07:50

culuba

-2

votes

1 answer

Manually disable magic quote in joomla

So looks like I already got 2 down-votes for this thread. This thread can help people with poor understanding on Joomla or other PHP driven CMS as it helped me. The issue I had, which had been solved by @Gadoma in this thread, was I couldn't output…

php .htaccess joomla php-ini magic-quotes-gpc

asked Nov 23 '13 at 13:55

satancorpse

Prev 1 2 3 4