I want to turn off PHP's magic quotes. I don't have access to php.ini.
When I tried to add php_flag magic_quotes_gpc off to my .htaccess file, I get a 500 internal server error. This is what my .htaccess file looks like:
AddType x-mapp-php5 .php
php_flag magic_quotes_gpc off
Then I tried to use ini_set('magic_quotes_gpc', 'O'), but that had no effect.
How do I turn magic quotes off?
Answer
As per the manual you can often install a custom php.ini on shared hosting, where mod_php isn't used and the php_value directive thus leads to an error. For suexec/FastCGI setups it is quite common to have a per-webspace php.ini in any case.
--
I don't think O (uppercase letter o) is a valid value to set an ini flag. You need to use a true/false, 1/0, or "on"/"off" value.
ini_set( 'magic_quotes_gpc', 0 ); // doesn't work
EDIT
After checking the list of ini settings, I see that magic_quotes_gpc is a PHP_INI_PERDIR setting (after 4.2.3), which means you can't change it with ini_set() (only PHP_INI_ALL settings can be changed with ini_set())
What this means is you have to use an .htaccess file to do this - OR - implement a script to reverse the effects of magic quotes. Something like this
if ( in_array( strtolower( ini_get( 'magic_quotes_gpc' ) ), array( '1', 'on' ) ) )
{
$_POST = array_map( 'stripslashes', $_POST );
$_GET = array_map( 'stripslashes', $_GET );
$_COOKIE = array_map( 'stripslashes', $_COOKIE );
}
No comments:
Post a Comment