[PHP] Re: Kill Magic Quotes
you may try the ini_set('magic_quotes_gpc',0); note, this line should be the first line of code. also make sure that that your php opener is the first line in your script. 1. ?PHP 2. ini_set('magic_quotes_gpc',0); 3. # the rest of your script The following won't work 1. 2. ?PHP 3. ini_set('magic_quotes_gpc',0); 4. # the rest of your script Also a heads up for all readers, Warning This feature is DEPRECATED and REMOVED as of PHP 6.0.0. Relying on this feature is highly discouraged in php 6 the quotes will not be magically added. Dave M G wrote: PHP List, I am developing a web site that is hosted on a web server where I do not have permission to change the php.ini file. This server has magic quotes turned on. I'd like them off. I wrote two functions to detect when magic quotes is on, and to try and counter act its effects. But it does not seem to be working. It seems to have no effect, and I get slashes showing up in all sorts of output where I don't want them. Not only in data put into the database, but also emails sent to from the site contact page and other places. Here are the functions I created. Where have I gone wrong? public static function removeSlashes($string) { // Check if Magic Quotes is turned on. if (get_magic_quotes_gpc()) { // Remove escape slashes. return stripslashes($string); } // Return a string that has no escape slashes. return $string; } public static function restoreSlashes($string) { // Check if Magic Quotes is turned on. if (get_magic_quotes_gpc()) { // Add escape slashes. return addslashes($string); } // Return a string that has escape slashes. return $string; } Any advice much appreciated. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Kill Magic Quotes
Roger Bigras wrote: you may try the ini_set('magic_quotes_gpc',0); RTM. http://www.php.net/get_magic_quotes_gpc It cannot be enabled/disabled at run time. It has to either be done in a .htaccess or through apache/php.ini changes. See this page for how to disable it: http://www.php.net/manual/en/security.magicquotes.disabling.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Kill Magic Quotes
On Fri, Aug 8, 2008 at 9:05 AM, Chris [EMAIL PROTECTED] wrote: http://www.php.net/get_magic_quotes_gpc It cannot be enabled/disabled at run time. It has to either be done in a .htaccess or through apache/php.ini changes. afaik, turning off/on 'magic_quotes_sybase' is a workaround. it overrides the 'magic_quotes_gpc' and can be manipulated through ini_set php.net says magic_quotes_sybaseIf enabled, a single-quote is escaped with a single-quote instead of a backslash. If on, it completely overrides magic_quotes_gpc. Having both directives enabled means only single quotes are escaped as ''. Double quotes, backslashes and NULL's will remain untouched and unescaped. See also ini_get() for retrieving its value. /php.net says ~viraj See this page for how to disable it: http://www.php.net/manual/en/security.magicquotes.disabling.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Kill Magic Quotes
Dave M G wrote: I am developing a web site that is hosted on a web server where I do not have permission to change the php.ini file. This server has magic quotes turned on. I'd like them off. I wrote two functions to detect when magic quotes is on, and to try and counter act its effects. But it does not seem to be working. It seems to have no effect, and I get slashes showing up in all sorts of output where I don't want them. Not only in data put into the database, but also emails sent to from the site contact page and other places. Perhaps you also need to disable magic_quotes_runtime: set_magic_quotes_runtime(0); // just call it once per page Are you sure you actually call your removeSlashes() function? Why do you think you need your restoreSlashes() function? (NB: not sufficient for MySQL statements, and not applicable for some other databases) Roger Bigras wrote: you may try the ini_set('magic_quotes_gpc',0); That won't work: http://au.php.net/manual/en/function.get-magic-quotes-gpc.php Keep in mind that the setting magic_quotes_gpc will not work at runtime. -- Ross McKay, Toronto, NSW Australia Let the laddie play wi the knife - he'll learn - The Wee Book of Calvin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php